hacking

The Hill's Cory Bennett reports that the hack of Sony Pictures is inspiring much more urgent interest from Congressional lawmakers about cybersecurity legislation, including legal protections for companies that exchange cyberthreat information with the government. But Robyn Greene, policy counsel for New America Foundation’s Open Technology Institute, told The Hill that “it is unlikely that information sharing would have prevented the Sony hack. Eighty to 90 percent of all attacks are the result of poor cyber hygiene and internal system monitoring.”

A series of data breaches have put higher pressure on Corporate America, including retailers like Target, to tighten its cybersecurity. But the health care sector is not engaged on the security of electronic health records and faces the risk of hackers exposing sensitive patient information, Politico reports: "As health data become increasingly digital and the use of electronic health records booms, thieves see patient records in a vulnerable health care system as attractive bait, according to experts interviewed by POLITICO. On the black market, a full identity profile contained in a single record can bring as much as $500."

Politico also points out that information in a patient's health record, including medical history and family contacts, can't be undone.

The Federal Trade Commission has the authority to sue companies that neglect to secure their customers' data, U.S. District Judge Esther Sales of New Jersey ruled this week, according to a report in the National Journal. " If the court had sided with Wyndham [Hotels], it would have stripped the federal government of oversight of data security practices just as hackers begin to pull off more and more high-profile attacks," the Journal further reports. Wyndham argued that weak data security practices aren't an unfair business practice, which the FTC is authorized to regulate.

Barrett Brown, a journalist and activist who used crowdsourcing to investigate leaked information about private security firm Stratfor, has taken a plea deal with prosecutors, Wired reports: In a court document superseding two of Brown's previous three indictments, "the government charges Brown with two crimes: allegedly assisting the person who hacked Stratfor after the fact, and obstructing the execution of a search warrant targeting Brown. The first charge is a new one and relates to assistance Brown allegedly gave the person who hacked Stratfor 'in order to hinder and prevent ... apprehension, trial and punishment.'" Prosecutors previously dropped 11 charges against Brown in which he was charged with identity theft. Brown copied a hyperlink, connecting "to a file containing [Stratfor] data stolen in 2011," from one public chatroom and reposted it to another, Wired reports.

The Dallas Morning News reports that prosecutors have moved to drop most of the charges against journalist and activist Barrett Brown related to posting stolen data online. They want to drop all but one of 12 charges "accusing him of trafficking in data, including credit card numbers, that was stolen from private intelligence firm Stratfor" by hackers, the Morning News says. "He had faced charges of aggravated identity theft and device fraud in a case that has received national attention for its free speech implications," the Morning News also says.