1. Apple to Close iPhone Security Hole That Police Use to Crack Devices by Jack Nicas

An Apple spokesman confirmed this week that the company is planning to close what the New York Times referred to as a "loophole" in iOS that would have allowed law enforcement to hack into iPhones. The new feature, dubbed USB Restricted Mode, would prevent the phone's Lightning port from transferring data an hour after the phone is locked, something that will likely severely hamper hackers and law enforcement. This isn't exactly breaking news, especially if you've been following this space for the past couple of weeks. In fact we reported on this blog that Apple was testing the feature in beta releases just last week. What’s more interesting than the actual news at hand here is the fact that for some reason the New York Times, Reuters, the Washington Post, and the Wall Street Journal all held off reporting the story until Wednesday.

2. Randolph librarian wins surprise judgement against Equifax by Matt Hongoltz-Hetling

Sometimes it's the little things or in this story's case, the things you least expect. For Jessamyn West, a librarian at Randolph Technical Career Center, a technical school in Randolph, Vermont, it all came after she filed a case in small claims court over last year's mammoth Equifax breach. It cost West $90 to file the case and to her surprise the Judge presiding over the case, Bernard Lewis, the probate judge for the City of Chelsea in Orange County, Vermont, issued a ruling last week in her favor. Bernard said West was owed money to cover the cost of up to two years of payments to online identity protection services, plus her $90 filing fee. West is enjoying the fruits of her labor. The Valley News, a newspaper that services the area along the New Hampshire/Vermont border, around the 89/91 interchange recapped the story Tuesday. Even Krebs reached out to the librarian this week.

3. Dixons Carphone took nearly a year to discover massive data breach by Ben Woods

We learned this week that Dixons Carphone, an electronics retailer that services the UK, Ireland, and some of mainland Europe, has quite the security headache on its hands. The company announced via a statement Wednesday (.PDF) that it was hacked nearly a year ago, last July, to the tune of 1.2 million personal records. The attacker also attempted to access 5.9 million payment cards from one of the processing systems of Currys PC World and Dixons Travel stores. The company is stressing that the lion's share of cards, 5.8 million, have chip and pin protection, something which would prevent them from being used in card present transaction fraud but not card not present fraud, a transaction in which the cardholder doesn't have to present the card, like in online transactions.