Slashdot Mirror

← Back to Stories (view on slashdot.org)

Notifications of Security Breaches

Posted by michael on from the heard-it-through-the-grapevine dept.

LogError writes "On July 1, 2003, Senate bill 1386 becomes Civil Code 1798.82. In a nutshell, the law states that any person or company doing business in the state of California is responsible for notifying California residents of security breaches to their non-encrypted information. It is important to note that the actual breach does not need to occur in the state of California for the law to apply."

14 of 130 comments (clear)

  1. Language? by CptChipJew · · Score: 5, Funny

    Interestingly, there is no language in this law governing what the notification has to say, and whether or not it has to be easily understood by the customer.

    Dear Valued Taxpayer,

    Ihre Sozialversicherungzahl wurde von einem Hacker gestohlen. Er hat Ihre Identität gestohlen. Haben Sie einen schönen Tag.

    Sincerely,

    California Internal Revenue Service

    -This was Fished. I apologize for the bad German.

    --
    Vonal Declosion
    1. Re:Language? by botzi · · Score: 1, Funny
      Uuuhhhhhh.....

      Their social security number was stolen by a hacker. He stole your identity. Have a beautiful day.



      This was BackFished...

      Why do I feel so sure that that's not so close to what you wrote????;o)))))

      --
      1. No sig. 2. ???? 3. Profit!!!
  2. a new mail folder by JSmooth · · Score: 5, Funny

    So now we know when our info is violated...

    Dear __(name)__; On __(Date)__ at __(Time)__ your personal information was illegally acessed by "31337 Hackers", The FBI, Microsoft (circle all that apply).

    There is nothing you can do but the new law requires that we tell you. Neaner Neaner Neaner!

  3. Applications Lacking? by gerf · · Score: 5, Funny

    Really, this is a bare minimum of informing people. The few times this would apply is when something like this happens:

    Sorry, but we accidentally sent every SanFran registered voter's complete personal information to some accounting companies, rather than their 2002 ballots to be checked. And that information got lost in the mail. So, ah, all of your lives are floating out there somewhere in a canvas bag with U.S. Mail written on it. Sorry!

  4. Microsoft stays in Seattle by jabbadabbadoo · · Score: 3, Funny

    I don't see Microsoft moving HQ to California any time soon.

  5. But your honor, all our data IS encrypted! by HornyBastard77 · · Score: 0, Funny
    It can only be decrypted using this cipher key.

    :-)

  6. will virus writers have to comply? by Anonymous Coward · · Score: 0, Funny

    Dear LookOut! user,

    Your personal details were sent out to 169 countries including Nigeria.

    Sincerely,
    The HappyHour Virus

  7. Re:Ah, good old EBG13 by blibbleblobble · · Score: 4, Funny

    "So just ROT13 everything and the law goes bye bye Hell, it worked for Adobe."

    Is ROT-26 encryption not strong enough for california law?

  8. I can see it now by GrandCow · · Score: 4, Funny

    Interestingly, there is no language in this law governing what the notification has to say, and whether or not it has to be easily understood by the customer

    To: someoneinCA@aol.com
    Subject: Grow your penis 10 inches in less than a day!

    Greetings fellow soon to be elephant sized penis man. Let me take the time to tell you about a GUARANTEED and PROVEN method we've developed over 30 years to work perfectly the first time and give you up to 10 inches more in your member's length! All you have to do is realize that your wildest dream is about to come true and just click on our website and order our system! Under Civil Code 1798.82 your information was downloaded illegally by a hacker on July 10, 2003. Act now!

    --
    "Well kids, you tried your best, and you failed. The lesson is, never try." -Homer Simpson
  9. Re:Ah, good old EBG13 by iapetus · · Score: 5, Funny

    Certainly not. Lawmakers have at least vaguely cottoned on to how encryption strength is measured. They'd want ROT-52 at least, and ROT-156 for data with a higher security risk...

    --
    ++ Say to Elrond "Hello.".
    Elrond says "No.". Elrond gives you some lunch.
  10. But they already are... by twoallbeefpatties · · Score: 3, Funny

    To Whom it May Concern:

    On June 26, a middle level manager at our company opened an email claiming that a friend had sent him something "for him to see." This manager opened the email in Outlook Express. Approximately two hours later, the entire network was shut down, all of our databases were open to any traffic that wished to view it, and every computer in the department was forced to spend the rest of the day with a picture of a woman having sexual intercourse with a horse for a desktop image.

    We appreciate your patience.

    ATTACHMENT: klezz.txt

    --
    Libertarians somehow believe that private businesses should be stronger than governments but weaker than individuals.
  11. Wow! by Pig+Hogger · · Score: 2, Funny

    Does this means that Microsoft will pull-out of California???

  12. Doesn't this just give them the right... by Anonymous Coward · · Score: 5, Funny

    ... to spam their customers?

    -----------------

    Dear valued customer (and CA taxpayer),

    I send you this letter to ask for your advice.

    Recently we had a security breach, and it is believed that your email address, social security and drivers license were all stolen.

    We know this is probably a bad thing, but we're not really sure. Anyway, while you're reading this letter, why not try some Viagra?

    Sincerely,

    Your Electric Company

  13. Re:Ah, good old EBG13 by Anonymous Coward · · Score: 1, Funny

    Hang on there crypto-boy, I wan't my binary to be exportable; shouldn't I stick with the ROT-128 ? :)