April 26, 2007
Privacy and Security Watch: Lawmakers decry continued vulnerability of federal computers
Corporate computers are not the only ones being breached. The Federal Government (and state and local governments as well) are also not doing a good enough job of protecting the data from unauthorized access. In the case of the Federal Government, some of our lawmakers are finally waking up to this problem and speaking out about the issues. Read all about it here.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data, data security, government, Kuper, kuper report, law, personal data, personal information, richard kuper, security
| FindJobsPostJobs.com | CareerHotList.com |
Privacy and Security Watch: Group calls for federal data security breach notification law
With the massive data breach of TJX (see various articles on TheKuperReport.com), several banks are suing TJX Companies Inc. over the data breach that "exposed at least 45.7 million credit and debit card holders to identity fraud." You can read more about that here.
Because of this and the many other breaches at other firms, the Cyber Security Industry Alliance (CSIA) is lobbying Congress to pass a law that will require companies that are breached to notify victims. Read all about it here.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
Because of this and the many other breaches at other firms, the Cyber Security Industry Alliance (CSIA) is lobbying Congress to pass a law that will require companies that are breached to notify victims. Read all about it here.
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data, data security, government, Kuper, kuper report, law, personal data, personal information, richard kuper, security
| FindJobsPostJobs.com | CareerHotList.com |
April 03, 2007
Privacy and Security Watch: More Security/Identity Breaches and Issues
According to an article in ComputerWorld, "RadioShack Corp. dumped 'thousands' of customer records behind a store near Corpus Christi, exposing consumers to possible identity theft." The article goes on to say "According to Attorney General Greg Abbott, the Fort Worth-based company violated multiple state statutes, including the Identity Theft Enforcement and Protection Act, a 2005 law that requires businesses to protect and properly dispose of customer personal information."
But in another ComputerWorld article in the same state of Texas, it seems that "Texas Gov. Rick Perry has signed into law a bill that allows the state's county and court clerks to disclose "in the ordinary course of business" Social Security numbers contained in documents held by their offices."
So, at least in Texas, Social Security numbers are no longer considered protected data if they exist in "public records held by clerks in the state" but are protected data if held by anyone else. So if you have public documents containing personal data, such as mortgage records and tax liens in the state of Texas, your private information, already being posted by Texas to the internet and for sale unredacted, is no longer protected.
And now your browser may be used to capture your personal information on your computer and as a hacking tool against others. According to another article in ComputerWorld, javascript code that could be used to turn a Web browser into a hacker's tool is now available on Internet.
Meanwhile, in yet another ComputerWorld article we are told that there is a critical Windows flaw that Microsoft has apparently known about since December 2006 that affects Windows 2000 SP4, XP SP2, Server 2003 (up to SP2), and even Vista (both 32- and 64-bit versions). Microsoft was apparently in no hurry to fix this but the pressure has mounted and they are supposedly rolling out a fix soon. This critical flaw will allow a rogue program to "run malicious code on a victimized PC, infecting it with spyware, stealing identity information or adding it to a botnet of hijacked systems."
To borrow from a tag line in an old TV show (NYPD Blue, if memory serves):
"Be careful out there."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
But in another ComputerWorld article in the same state of Texas, it seems that "Texas Gov. Rick Perry has signed into law a bill that allows the state's county and court clerks to disclose "in the ordinary course of business" Social Security numbers contained in documents held by their offices."
So, at least in Texas, Social Security numbers are no longer considered protected data if they exist in "public records held by clerks in the state" but are protected data if held by anyone else. So if you have public documents containing personal data, such as mortgage records and tax liens in the state of Texas, your private information, already being posted by Texas to the internet and for sale unredacted, is no longer protected.
And now your browser may be used to capture your personal information on your computer and as a hacking tool against others. According to another article in ComputerWorld, javascript code that could be used to turn a Web browser into a hacker's tool is now available on Internet.
Meanwhile, in yet another ComputerWorld article we are told that there is a critical Windows flaw that Microsoft has apparently known about since December 2006 that affects Windows 2000 SP4, XP SP2, Server 2003 (up to SP2), and even Vista (both 32- and 64-bit versions). Microsoft was apparently in no hurry to fix this but the pressure has mounted and they are supposedly rolling out a fix soon. This critical flaw will allow a rogue program to "run malicious code on a victimized PC, infecting it with spyware, stealing identity information or adding it to a botnet of hijacked systems."
To borrow from a tag line in an old TV show (NYPD Blue, if memory serves):
"Be careful out there."
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, data security, identity, kuper report, personal data, personal information, privacy, security, social security
| FindJobsPostJobs.com | CareerHotList.com |
Who links to me?
