May 16, 2007
Privacy and Security Watch: IBM loses tapes with personal information on current and former employees
It seems even the great IBM can be affected by such problems as losing tapes containing social security numbers and other personal information on employees and retirees, along with records of customer transactions.
According to this article, "An outside vendor was transporting the tapes from one IBM facility to another on Feb. 23 when the tapes fell out of a contractor's vehicle in Westchester County, N.Y., not far from IBM headquarters in Armonk. IBM representatives went to the scene and couldn't find the tapes."
For some reason, only some of the missing tapes were encrypted.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
According to this article, "An outside vendor was transporting the tapes from one IBM facility to another on Feb. 23 when the tapes fell out of a contractor's vehicle in Westchester County, N.Y., not far from IBM headquarters in Armonk. IBM representatives went to the scene and couldn't find the tapes."
For some reason, only some of the missing tapes were encrypted.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data security, IBM, Kuper, kuper report, lost, personal data, privacy, private, richard kuper
| FindJobsPostJobs.com | CareerHotList.com |
May 10, 2007
Privacy and Security Watch: University of Missouri Hacked For Second Time This Year
According to this article, The University of Missouri has been hacked for the second time this year. The hacker gained access to the social security numbers of over 22,000 students and alumni through a Web page that was used "to make queries about the status of trouble reports to the university's computer help desk."
Back in January, there was a similar breach. In that case, "a hacker obtained the Social Security numbers of 1,220 university researchers, as well as personal passwords of as many as 2,500 people who used an online grant application system."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
Back in January, there was a similar breach. In that case, "a hacker obtained the Social Security numbers of 1,220 university researchers, as well as personal passwords of as many as 2,500 people who used an online grant application system."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, college, data security, hack, Kuper, kuper report, personal data, privacy, richard kuper, school, security
| FindJobsPostJobs.com | CareerHotList.com |
May 05, 2007
Transportation Security Administration, a division of Homeland Security, loses hard drive with personal data on 100,000
According to an Associated Press report, "the Transportation Security Administration has lost a computer hard drive containing Social Security numbers, bank data and payroll information for about 100,000 employees."
The privacy and security of personal information is clearly not being addressed by government agencies, as previously reported in The Kuper Report and in various news reports over the years. This breach by a division of the Homeland Security Department is just the latest reported problem. As the Congress perhaps begins to address this problem in the private sector, it needs to also address this problem in the public sector. However, unless there are severe consequences for breaching the privacy, this problem will not end.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
The privacy and security of personal information is clearly not being addressed by government agencies, as previously reported in The Kuper Report and in various news reports over the years. This breach by a division of the Homeland Security Department is just the latest reported problem. As the Congress perhaps begins to address this problem in the private sector, it needs to also address this problem in the public sector. However, unless there are severe consequences for breaching the privacy, this problem will not end.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data security, government, homeland security, Kuper, kuper report, personal data, privacy, richard kuper, security, transportation security administration, tsa
| FindJobsPostJobs.com | CareerHotList.com |
April 26, 2007
Privacy and Security Watch: Lawmakers decry continued vulnerability of federal computers
Corporate computers are not the only ones being breached. The Federal Government (and state and local governments as well) are also not doing a good enough job of protecting the data from unauthorized access. In the case of the Federal Government, some of our lawmakers are finally waking up to this problem and speaking out about the issues. Read all about it here.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data, data security, government, Kuper, kuper report, law, personal data, personal information, richard kuper, security
| FindJobsPostJobs.com | CareerHotList.com |
Privacy and Security Watch: Group calls for federal data security breach notification law
With the massive data breach of TJX (see various articles on TheKuperReport.com), several banks are suing TJX Companies Inc. over the data breach that "exposed at least 45.7 million credit and debit card holders to identity fraud." You can read more about that here.
Because of this and the many other breaches at other firms, the Cyber Security Industry Alliance (CSIA) is lobbying Congress to pass a law that will require companies that are breached to notify victims. Read all about it here.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
Because of this and the many other breaches at other firms, the Cyber Security Industry Alliance (CSIA) is lobbying Congress to pass a law that will require companies that are breached to notify victims. Read all about it here.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data, data security, government, Kuper, kuper report, law, personal data, personal information, richard kuper, security
| FindJobsPostJobs.com | CareerHotList.com |
April 03, 2007
Privacy and Security Watch: More Security/Identity Breaches and Issues
According to an article in ComputerWorld, "RadioShack Corp. dumped 'thousands' of customer records behind a store near Corpus Christi, exposing consumers to possible identity theft." The article goes on to say "According to Attorney General Greg Abbott, the Fort Worth-based company violated multiple state statutes, including the Identity Theft Enforcement and Protection Act, a 2005 law that requires businesses to protect and properly dispose of customer personal information."
But in another ComputerWorld article in the same state of Texas, it seems that "Texas Gov. Rick Perry has signed into law a bill that allows the state's county and court clerks to disclose "in the ordinary course of business" Social Security numbers contained in documents held by their offices."
So, at least in Texas, Social Security numbers are no longer considered protected data if they exist in "public records held by clerks in the state" but are protected data if held by anyone else. So if you have public documents containing personal data, such as mortgage records and tax liens in the state of Texas, your private information, already being posted by Texas to the internet and for sale unredacted, is no longer protected.
And now your browser may be used to capture your personal information on your computer and as a hacking tool against others. According to another article in ComputerWorld, javascript code that could be used to turn a Web browser into a hacker's tool is now available on Internet.
Meanwhile, in yet another ComputerWorld article we are told that there is a critical Windows flaw that Microsoft has apparently known about since December 2006 that affects Windows 2000 SP4, XP SP2, Server 2003 (up to SP2), and even Vista (both 32- and 64-bit versions). Microsoft was apparently in no hurry to fix this but the pressure has mounted and they are supposedly rolling out a fix soon. This critical flaw will allow a rogue program to "run malicious code on a victimized PC, infecting it with spyware, stealing identity information or adding it to a botnet of hijacked systems."
To borrow from a tag line in an old TV show (NYPD Blue, if memory serves):
"Be careful out there."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
But in another ComputerWorld article in the same state of Texas, it seems that "Texas Gov. Rick Perry has signed into law a bill that allows the state's county and court clerks to disclose "in the ordinary course of business" Social Security numbers contained in documents held by their offices."
So, at least in Texas, Social Security numbers are no longer considered protected data if they exist in "public records held by clerks in the state" but are protected data if held by anyone else. So if you have public documents containing personal data, such as mortgage records and tax liens in the state of Texas, your private information, already being posted by Texas to the internet and for sale unredacted, is no longer protected.
And now your browser may be used to capture your personal information on your computer and as a hacking tool against others. According to another article in ComputerWorld, javascript code that could be used to turn a Web browser into a hacker's tool is now available on Internet.
Meanwhile, in yet another ComputerWorld article we are told that there is a critical Windows flaw that Microsoft has apparently known about since December 2006 that affects Windows 2000 SP4, XP SP2, Server 2003 (up to SP2), and even Vista (both 32- and 64-bit versions). Microsoft was apparently in no hurry to fix this but the pressure has mounted and they are supposedly rolling out a fix soon. This critical flaw will allow a rogue program to "run malicious code on a victimized PC, infecting it with spyware, stealing identity information or adding it to a botnet of hijacked systems."
To borrow from a tag line in an old TV show (NYPD Blue, if memory serves):
"Be careful out there."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data security, identity, kuper report, personal data, personal information, privacy, security, social security
| FindJobsPostJobs.com | CareerHotList.com |
Who links to me?
