SSCC 91 – Utah explains data breach, Facebook hacker jailed, FlashBack removal for Leopard, Pentagon expands data sharing

Sophos Security Chet Chat logoGary Korhonen joined me on this week’s Chet Chat as we return to our normal format of covering the most important security news of the week.

We kicked things off by discussing the handling of the recent data breach at the State of Utah where more than 780,000 people’s personally identifiable information was stolen from an unsecured internet-facing server.

Last week a Facebook hacker who compromised the account of a single US account was sentenced to one year in prison. Gary and I pondered what possibly could have led the FBI and UK authorities to even investigate such a seemingly small offense. It was later determined that the account in question belonged to Selena Gomez, Justin Bieber’s girlfriend.

Apple released a FlashBack malware removal tool for users of OS X 10.5 Leopard last week. It’s important to remind users of Leopard that this is not a fix for the vulnerability and if they are unable to upgrade it would be advisable to install our free anti-virus for Mac.

After attempting to pass legislation to enable the US government to more seamlessly share data with the private sector, the Pentagon is expanding a program that does just that. Apparently if the Pentagon and private contractors simply comply with existing law they can share data anyhow.

Lastly, one of the principal criminals involved in Operation Phish Phry several years ago was sentenced to five years in prison last week. Gary and I discuss what can be learned from the operations of these criminals when made public and how we can use that information to better fight other online gangs.

(18 May 2012, duration 17:57 minutes, size 10.8 MBytes)

You can also download this podcast directly in MP3 format: Sophos Security Chet Chat 91, subscribe on iTunes or our RSS feed. You can see all of the Sophos Podcasts by visiting our archive.