BreachExchange mailing list archives
Re: More on the BofA card-cancellations
From: security curmudgeon <jericho () attrition org>
Date: Fri, 10 Feb 2006 17:08:40 -0500 (EST)
On Fri, 10 Feb 2006, Adam Shostack wrote: : The only explanation(s) I can think of for not disclosing are ongoing : investigations, which is starting to get thin as details leak, and that : the data was "encrypted." Adam brings up an interesting point about this case and possibly others. How many companies are holding off on notification of any kind, citing "ongoing investigation"? If the FBI is involved and have exhausted leads, the case stays open for 7 years (or more). This would be a convenient way for a company to hide an incident from the public and possibly escape legal obligation to do so. _______________________________________________ Dataloss mailing list Dataloss () attrition org https://attrition.org/mailman/listinfo/dataloss
Current thread:
- More on the BofA card-cancellations Chris Walsh (Feb 10)
- <Possible follow-ups>
- Re: More on the BofA card-cancellations Sharon Besser (Feb 10)
- Re: More on the BofA card-cancellations Adam Shostack (Feb 10)
- Re: More on the BofA card-cancellations Chris Walsh (Feb 10)
- Re: More on the BofA card-cancellations Sharon Besser (Feb 10)
- Re: More on the BofA card-cancellations Chris Walsh (Feb 10)
- Re: More on the BofA card-cancellations Adam Shostack (Feb 10)
- Re: More on the BofA card-cancellations security curmudgeon (Feb 10)
- Re: More on the BofA card-cancellations Chris Walsh (Feb 10)