Monday Morning News Kick Off: Countrywide Lawsuit, New Law Regarding Retailers and Data Breaches and Cybercriminals Prey on Unemployed

Welcome to the Monday Morning News Kick Off post. We hope everyone is ready for a productive work week. As always, we have compiled the latest news stories on identity theft, cybersecurity and data breaches for your reading pleasure. So, scroll down to read about a new Countrywide lawsuit, cybercriminals preying on the unemployed, and new laws on retail data security.

Countrywide Sued For Data Breach
In a case that may be tied to an earlier insider data breach, Countrywide Financial has been slapped with a $20 million class action suit. The suit, filed by 16 former Countrywide customers in Ventura County Court, CA, charges that Countrywide Financial employees took and then sold tens of thousands or millions of its customers personal data files and exposed them to identity theft. This case comes nearly two years after a Countrywide employee was charged with stealing the identities and personal information of two million of the firm’s mortgage loan applicants. Rene Rebollo, a senior financial analyst at one of Countrywide’s California-based subprime lending divisions, took the information over a period of two years. This happened before Bank of America bought Countrywide in 2008. Read the full BankInfoSecurity article here.

Cybercriminals Prey on the Unemployed
Cybercrime is being used more and more to pay for…. cybercrime. The Wall Street Journal reports federal law enforcement has started to track increasingly common scams called “mule operations.” US job seekers are “hired” to buy things like expensive electronics, and ship the goods overseas, where scam operators sell them. In the end, the job applicants end up with neither a job nor a paycheck. A federal law-enforcement official said authorities have seen these types of fraudulent transactions fueling other cybercrime operations. Listen to the Fed News Radio Cybersecurity update here.

The Age of Data Privacy
In recent years, data privacy failures have harmed dozens of companies and become commonplace on the front pages of newspapers around the world. High-profile cases invite more regulatory activity, as well as scrutiny from customers and employees. In addition, companies face the challenge of managing a greater volume of sensitive information, created by increasing digitization of employee, health, financial, and other personal data. Read the full BusinessWeek story here.

After Google-China Dust-Up, Cyberwar Emerges as a Threat
Few events have crystallized U.S. fears over a cyber catastrophe, or brought on calls for a strategic response, more than the recent attacks against Google and more than 30 other tech firms. The company’s disclosure in January that it was attacked by China-based hackers — and its subsequent decision to scale back operations there — have stoked long-standing fears over the ability of cyber adversaries to penetrate commercial and government networks in the U.S. If a full-fledged cyberwar were to break out, the nation’s economy would be hit hard. Banks might not be able function, electricity, water and other utilities could be shut off, air travel would almost certainly be disrupted, and communications would be spotty at best — in a word, chaos. Read the full SF Chronicle article here.

New Law Aims to Shore Up Retail Data Security
Washington last week became the third state to pass legislation that will allow banks to recover certain costs and damages from retailers and credit card processors that suffer data breaches after failing to comply with current Payment Card Industry (PCI) standards. The law, which goes into effect on July 1 in Washington, follows similar laws passed in the states of Minnesota and Nevada and marks a fundamental change in the way government and private sector industries assign responsibility and accountability for preventing identity theft. Read the full eSecurity Planet article here.