AlertBoot Endpoint SecurityAlertBoot Endpoint SecurityEndpoint security blog focusing on data breaches and losses at various companies and how such the catastrophic consequences can be avoided with the right security software. Articles
Hard Drive Encryption A Needed Solution In Light Of BP Internal Memo
2008-05-03 07:07:00 A recent memo by British Petroleum (BP) shows why companies may want to step up their information security practices. According to easybourse.com, the UK oil colossus has been having a heck of a time cleaning up after messes not caused by oil spills. Some of the messes include the theft of a laptop with executive pay details (what happened due to the theft?if anything?hasn?t been revealed, as far as I know), the theft of BP employee identities by an national sales director for BP, and the near collapse of a deal brought by access to highly confidential documents. Breaches in data security could have been prevented in each case. For example, the laptop theft wouldn?t necessarily lead to a data breach if the computer in question had protection. There are many ways to protect data on a laptop, but for instances where the entire thing is stolen, nothing beats full disk encryption. Disk encryption of the entire hard drive effectively puts the data in... More About: Encryption , Drive , Hard , Internal , Light
Full Disk Encryption Can?t Be Trumped By Cardboard Boxes
2008-05-02 06:11:00 An administrative office handling the details of patients at Staten Island University Hospital, in New York, has lost a computer with information on 88,000 patients. Surprisingly, the theft happened four months ago, but is only being announced today. What?s also surprising is that the suspect was able to snag the computer?no word on whether it was a laptop (not that it would matter)?with the help of a cardboard box: he popped the computer into the box and strolled out the door. I?m inclined to believe that the computer was a desktop just because the box was used?and another prime example why the medium doesn?t matter. That is, people raise the issue of sensitive data being stored on laptop computers, but this is really a non?issue, as I keep pointing out. If thieves have proven anything, it?s that anything can be stolen, and quite easily to boot. But the physical theft of computers is not what?s at stake for most companies. Nope. Rath... More About: Encryption , Disk , Full , Trumped , Cardboard
Hard Drive Encryption To The Rescue: UK Making Data Loss Illegal
2008-05-01 07:58:00 It looks like the last six months of information security breaches have prodded the UK legislature to do something about it. The House of Lords has decided to make data loss illegal, backing an amendment that would make anyone guilty of breaking the law if he or she ?recklessly or intentionally reveals personal data on someone.? There were some who wanted to make the new law applicable to government workers only, but this was dismissed by (quite logically) concluding that ?if you?re a member of the public it doesn?t actually matter if it is the public or private sector that is losing your data.? An argument that pretty much anyone can agree to. However, the deal is not sealed yet; the House of Commons must also approve the amendment. Hopefully, the House of Commons?s sense of urgency regarding this issue is as paramount to them as to the House of Lords. If the amendment passes both houses, what does it mean for organizations in the UK? Wel... More About: Encryption , Drive , Data , Hard , Loss
Full Disk Encryption Missing From Laptop Stolen In FC Barcelona Office
2008-05-01 07:47:00 Well, that?s the implication of FC Barcelona ?s press release. Of course, those in the US will be asking ?what? Who?? FC Barcelona is a Spanish sports club, most famous for its soccer team (the FC stands for ?futbol club?) and star striker, Ronaldinho. You may remember Ronaldinho from his Nike ad where he keeps striking the top of the goal post with a soccer ball and receiving it back during practice (of course, since this was an ad campaign for selling shoes, the entire thing was fake?but still impressive to behold). One of the premier soccer clubs, FC Barcelona is also one of the richest in the world with revenues of over $400 million dollars, and Laporta is the head honcho. With such money, you?d imagine that they could afford decent security. Apparently, the thief climbed into Laporta?s office though the window and made off with his laptop computer. According to some reports, the Laporta is incensed, not just because his computer (which... More About: Office , Encryption , Laptop , Disk
Hard Drive Encryption Part Of Risk Management Arsenal
2008-04-30 07:52:00 Financialweek.com is reporting that theft of data is fueling interest in errors and omissions insurance, also known as E&O insurance. What exactly is E&O insurance? The name makes it pretty self?evident: it?s insurance to cover any accidents or mistakes you may make (or the client perceives you have made) while providing a service. Depending on the profession, it may be called malpractice insurance (medicine) or professional liability insurance (lawyers, architects, etc.) E&O actually covers more than the results of mistakes, however. It also covers defense costs as well, according to the insurancejournal.com. And why are companies looking for this type of insurance? Because accidents happen, especially when it comes to data. Even with the implementation of best practices in risk assessment and management, there is no way to account for all the vicissitudes that life presents you and your company. What has all of th... More About: Arsenal , Encryption , Management , Risk Management , Drive
Full Disk Encryption Has One Thing Over File Encryption: Bank of Ireland Up
2008-04-29 07:28:00 Last week, the Bank of Ireland (BoI) had announced that four laptop computers lost over the past year or so could have affected 10,000 customers. The BoI has updated the number of customers affected to over 30,000, per the investigation they were conducting after the announcement. There has been a lot of criticism on the BoI?s actions, or lack thereof: they had waited nearly a year to alert their customers about the increased risk of identity theft they were facing. The BoI for its part countered the criticism by saying that they didn?t want to alert the thieves about the true worth of the stolen laptop computers. Today?s revelation by the BoI is not really surprising. Similar post?announcements have been conducted in the past when other organizations have had to revise the number of affected clients affected by stolen computers, be they laptops or otherwise. Gaffes like these arise for quite simple reasons, really: we never have a complete of ... More About: Encryption , File , Disk , Full
Full Disk Encryption Can?t Help You If You Don?t Have it. Paying Attention
2008-04-26 07:50:00 A computer was stolen from the General Internal Medicine of Lancaster offices, a medical practice in East Hempfield Township, Pennsylvania. The computer, a laptop, contained names, addresses, telephone numbers, and Social Security numbers of many?not all?patients. The laptop computer was being used as something of a file database. According to the practice manager, they were in the process of scanning paperwork, required for insurance purposes, and storing the image in the laptop. The paperwork would eventually be burned. Ultimately, the digital records would go on disks. The laptop was stolen when an employee briefly left the scanning area. When the employee returned, the laptop was missing. No word on whether there was laptop encryption on the stolen computer. Could full disk encryption have helped in this case? Not in preventing theft, of course, but ensuring that the theft doesn?t result in a data breach? Perha... More About: Encryption , Disk , Full , Attention
Was There Full Disk Encryption Or Not? IT Director?s Statement Confusing
2008-04-25 07:32:00 The *** Cancer International Research Group (BCIRG) office in Edmonton, Canada, was broken into, and three laptops were stolen. Two of them were brand new and unused, so the chance of a data breach is not there at all. However, one of the laptops stolen was already in use. The IT director for BCIRG has assured the public that the chance of an information security breach are remote (no word on whether there was sensitive data in that one laptop) because ?a password was connected to a hard drive,? according to a quote from edmontonsun.com. This statement is a little confusing for a couple of reasons. One: generally, a password doesn?t mean bupkis when it comes to data protection, unless that password is used to access encrypted data; I?d imagine that an IT director would be aware of this. Which brings me to confusion point number two: was there encryption on that hard drive? In other words, was a whole disk encryption product like Ale... More About: Encryption , Disk , Full , Director , Statement
Full Disk Encryption: Possibly The Best Tool To Prevent A Company From Maki
2008-04-24 07:44:00 It wouldn?t be a long stretch to say that companies that fall victim to an information security breach have a public relations problem in their hands. Admitting (or in some cases, just alerting?no admitting allowed) that a company has inconvenienced their clients has never been a good move. And so the spin?doctors were born. In some cases, it seems a better term would be spin?quacks. I mean, the last thing a company wants to do if subject to a data breach is to appear incompetent. Granted, incompetence?or its flipside, a sunshine information security policy of ?everything will be fine; computer theft happens to everyone else. Let?s go have a picnic and leave our laptops on a table while we go have a dip in the lake. That?s how we secure things at Pollyanna, Inc.??is probably what caused the problem in the first place, so the quacks have their work cut out for them. But do they have to keep making weird pronouncements that obviate any ... More About: Encryption , Company , Disk , Tool , Full
CollegeInvest Loses Computer Hard Drive Lacking Full Disk Encryption
2008-04-23 07:09:00 CollegeInvest, a not-for-profit division of the Colorado Department of higher education, is alerting customers?approximately 200,000 of them?that their personal information may have been compromised. Details are still sparse; for example, I am unable to find what type of personal information could have been exposed in this particular case. Makes me wonder if the state of Colorado is exercising a little precaution so that nobody goes around looking for 200,000 entries of sensitive information on a random hard drive they picked up. According to CollegeInvest, however, there is no need to panic because the data was secured with passwords as well as saved in a format that is difficult to access. The frustrating thing about all this secrecy is that one can?t have an idea on how vulnerable he might be to identity theft. For example, consider the password that is securing the data, supposedly. Based on what I?m reading, it sounds like the device that w... More About: Encryption , Computer , Drive , Disk , Hard
Full Disk Encryption And Physical Security: Locked Servers Stolen
2008-04-22 07:04:00 Pogowasright.org is reporting that Central Collection Bureau (CCB), a private company in Indiana, has had a security breach that could potentially affect over 700,000 people. According to the site, eight computers were stolen from the CCB plus a server. Other sites claim that the server was part of the eight computers; there is a lot of confusion, with everyone trying to upload the story ASAP. Regardless, everyone agrees that this is very bad news, and it has affected at least 159 companies (there?s a list out there in cyberspace. Thank goodness for comma delimiting and file imports in Excel). Why is this bad news? Because the information was stored as a clear text file. That is, the contents were not encrypted. The information in question includes dates of birth, last known address, names, Social Security numbers, and, in some cases, medical codes (not sure what they are; hopefully, they?re just internal codes used by a hospital, and not t... More About: Encryption , Servers , Locked , Disk
Bank Of Ireland Loses Laptops Without Hard Drive Encryption
2008-04-22 06:59:00 Bank of Ireland customers, nearly 10,000 of them, have had their information stolen. Between June and October of last year, four laptops were stolen from the bank?s life assurance division. The information breach included data on personal pension plan details, dates of birth, addresses, and bank account details. Whole disk encryption solutions like AlertBoot were not featured in the stolen laptops. However, the bank must have realized at some point that full disk encryption is a convenient way of securing the data on their computers: the bank is in the process of encrypting all 5000 of them, which will take about two weeks. This certainly pales in comparison to how the other type of bank in Ireland handled a similar situation earlier this year. In February, an Irish blood bank had reported that almost 175,000 people could have been affected by the theft of a laptop (actually, a mugging). But, chances are they weren?t and won?t be because t... More About: Laptops , Encryption , Drive , Hard
Between Honesty and Full Disk Encryption, I’ll Take The Latter
2008-04-18 06:42:00 Not long ago, I sat next to a medical doctor on a flight. We got to talking and I found that he was from some small town in Mexico. He found out that I had done quite a bit of traveling. He asked me if it was true what they said of Japan, that if one lost his wallet, he’d get it back with all the contents intact. The above story the good doctor was referring to is something of a meme—one of those ideas that propagates within a culture (and in this case, without) and doesn’t quite die. Well, I guess the meme would technically be the Japanese culture’s value for honesty, and the above story a reflection of such a meme. Either way, for the Japanese Ministry of Culture, it’s probably a good thing: given the choice of traveling to a country of thieves and a country of saints, which would you choose? Assuming the saints also know how to liven things up, that is. Now, the above gentleman was quite a bit advanced in his years, so I could... More About: Encryption , Disk , Full , Honesty
Full Disk Encryption Could Be Bypassed Using Chocolate
2008-04-18 06:40:00 Or at least, that would be the logical conclusion to some surprising findings on a survey by Infosecurity Europe. On the other hand, it may just mean that more women than men in London will lie for a bar of chocolate. The Infosecurity survey asked total strangers for passwords on their survey sheets, and a chocolate bar was offered as a token of appreciation; I assume the chocolate was pointed out prior to volunteers filling in the survey. Only 10% of men accepted the deal, which contrasts sharply with 45% of women who accepted. The thing is, of course, that there is no way for the surveyors to verify the authenticity of the submitted password. Heck, I?ll bet that, if anything, the passwords written down were even more secure than the passwords actually used by people in real life. (I would have written something like ?sjans@#$#@@#@!!!!!? Sure, I wouldn?t remember it if you asked me five minutes later, but what the hell do I care, right?)&n... More About: Encryption , Disk , Chocolate , Full
Lack Of Hard Drive Encryption Strikes Again At A University?
2008-04-17 07:14:00 The University of Virginia has announced that over 7000 students, staff, and faculty members may have been affected by the theft of a laptop computer. For the time being, the university is not identifying whose laptop it was or where it was stolen from. This is per the request of the police who no doubt don?t want to clue?in the thief of the potential bonanza he holds in his hands. The laptops contained names and Social Security numbers. Other than this, details are pretty sparse?with the exception that the theft did not occur on UVA?s campus. Of course, this implies one of two things: one of UVA?s employees lost it after taking it off campus or someone working for UVA lost it, say, an outside consultancy that keeps track of finances. Based on the fact that students and others have been notified of this theft, I assume that the laptop in question did not have any data protection safeguards, such as full disk encryption, one of the services offered by ... More About: Encryption , Drive , Hard , Hard Drive
Full Disk Encryption May Still Be The Most Effective Way To Protect Your Da
2008-04-16 05:50:00 Symantec is reporting in a new study that the theft of computers and storage devices accounted for the majority data breaches in 2007. Malicious software is growing and claiming a greater share of data breaches?and unique variants of such software have quadrupled last year?but stolen hardware is still the front-runner when it comes to stolen data. This finding may be surprising to some. However, I wouldn?t find it surprising, especially if CD and DVD discs, as well as flash drives, are included under the heading of ?hardware.? Also, those cursorily following news on security breaches may find the results surprising as well. This is because a number of security experts have emphasized in recent months other forms of data security, almost downplaying the importance of encryption. In all fairness, what those security experts were trying to emphasize was that hard drive encryption is not a panacea. I haven?t compiled any figures, but it certai... More About: Encryption , Disk , Full , Effective
Disk Encryption Saves Big Mac?ing Soldier
2008-04-15 07:46:00 As readers of this blog know, the UK has had quite a string of security breaches over the past six months or so. And the biggest victims have been the various government services (and by extension, a boatful of regular UK joes. In a particular case, up to half the UK population fell victim to an information security breach). The UK military was one of those affected. Due to continuing data breaches the UK military instituted a policy where laptop computers couldn?t be taken outside secure perimeters unless full disk encryption was employed. This, however, did not deter military personnel from ignoring said policy. An officer promptly lost an unencrypted laptop at a pub within two weeks. However, there are signs that the UK military efforts are succeeding. A couple of days ago, a military laptop was stolen while the soldier chowed down at a McDonald?s. The thief was quite brazen, since the laptop was under the soldier?s chair.&n... More About: Encryption , Disk , Soldier
School District Director Finds He Needs Hard Drive Encryption
2008-04-15 07:42:00 Darrin Pike, director of 120 schools in the Eastern School District of Newfoundland and Labrador, Canada, has recently found that data security is not always relegated to making sure hackers from China and Russia invade his schools? networks. Last week, two teenagers were arrested for stealing computer equipment from an elementary school in the Eastern School District. The theft resulted in three computers, one of them the school?s mainframe, and two monitors being taken from school grounds. The school breach involved the names, addresses, phone numbers, and medicare numbers of 84 students. It isn?t believed, however, that the two went after the computers because of the sensitive information; rather, this was more of a grab?and?go situation. According to a quote in the cbcnews.ca, Pike said that ?We were so focused for a long time on that whole idea of access to data being something through the internet?[we] weren't counting on the physical break-... More About: Encryption , Drive , Hard
NIH Full Disk Encryption Issue: Eating My Words
2008-04-12 06:15:00 This is what I get for giving someone the benefit of the doubt. The NIH is now reporting that Social Security numbers were included in the laptop stolen earlier this year. If you will recall, a researcher placed his laptop, which was supposed to be protected via hard disk encryption, in his car trunk and someone made off with the computer. At the time, I had tipped my hat to the NIH (it was a slight tip) because they had the sense to not use SSNs as identifiers for patients involved in a heart study. Well, an analysis of backup data for the stolen laptop has shown that Social Security numbers for 1,200 patients were included. Oops. That affects nearly half of the 3,000 patients who were enrolled in the study. At least, to the NIH?s credit, they?ve really decided to act fast on the issue. Instead of holding meetings for months on end, trying to figure out what to do, they?ve already sent missives to ensure that all laptops are encrypt... More About: Encryption , Disk , Words , Full , Eating
Full Disk Encryption A Perfect Companion for Home Cooked Meals
2008-04-11 07:40:00 The Home Restaurant in Canada has been a victim of a computer data breach. From what I can find on the Internet, the Home Restaurant is a small chain that specializes in providing homemade?like meals in a homey atmosphere. The problem is that such idyllic establishments can?t shelter themselves from the ugly aspects of life. Like a break in. According to The Vancouver Sun, a computer was stolen between two and four in the morning this past Wednesday. And according to the RCMP?s report, the stolen computer contained credit card and bank card information. The fact that the restaurant was broken into is not surprising. Neither is the fact that something got stolen. What is surprising, though, is that a restaurant was keeping an electronic record of customer credit cards. Why would a restaurant need to do this? A phone company, I can see it happening; you?ve got recurring monthly charges. But a restaurant? Most bu... More About: Encryption , Disk , Full , Perfect
How Full Disk Encryption Could Solve Problems For Australian Hospital Accus
2008-04-09 07:26:00 The Royal Perth Hospital in Perth, Western Australia, has been accused of being remiss with customer data by The Sunday Times. According to the newspaper, up to 500 computers containing personal information?including names, addresses, dates of birth, and medical conditions?have been tossed away by the hospital with nary a thought on data security. Supposedly, the old computers were placed in a dumpster behind the hospital; some of them have been there since November. This is hotly being contested by the hospital which claims that computers are collected every day by contractors specifically hired to crush and dispose of the computers. In addition, the hospital says, the hard drives are wiped clean when they?re thrown out. Even the health minister got into the act, accusing The Sunday Times of stealing hospital computers and hacking into them. The newspaper is rejecting the accusations, noting that the computers were not picked up for several days, at ... More About: Encryption , Disk , Problems , Australian
Disk Encryption Not Present In Lost HSBC Data Disk
2008-04-08 08:10:00 HSBC, the biggest bank in the UK, and possibly in the world, has admitted that they?ve lost a CD with information on 370,000 customers. The disk was password?protected, but there was no encryption. The information was needed by a reinsurer to HSBC, and included names, dates of birth, insurance policies, and the smoking status of the policyholders. Information such as address or bank account details were not included. In its letter of apology to customers, the bank said that ?the data disc lost by HSBC contains no address or bank account details for any customer and would therefore be of very limited, if any, use to criminals.? According to the bank, the same information is usually transferred over the wires, via a secure link; however, that link was out of service on that particular day, and someone in the lower echelons decided to send the data on a burned CD. Via regular post. Unregistered. And depending on who?s reporting the story, thi... More About: Lost , Encryption , Disk , Data , Present
Consumer Privacy Lawmaker?s Data Breached In NIH Fiasco: Where?s The Full D
2008-04-05 07:48:00 Here?s one for your uh?oh files. According to the Associated Press and other sources, the recent loss of a laptop that contained patient records for a National Institutes of Health cardiac study contained information on Representative Joe Barton, a Texas Democrat and co?chairman of the Congressional Caucus on consumer privacy protection. Barton suffered from a heart attack in 2005, and decided to participate in an NIH study. He says that he wasn?t aware, until he received a notice via FedEx, that he was part of the 2500 people affected by the data breach. Oh, I?m sorry. Did I say 2500? Because I meant 3000. According to the NIH, a clerical snafu affected the tally of patients affected by the laptop theft. I don?t doubt that the NIH must have some sophisticated methods for ensuring the privacy of volunteers participating in their research studies. However, the recent media coverage is painting them in an unflattering light.... More About: Data , Consumer , Privacy , Full , Fiasco
Is Full Disk Encryption On Its Way Out? Intel Developing New Chip To Deter
2008-04-04 06:38:00 Intel has announced yesterday via The Register that they are beginning to work on an initiative called the Intel Anti Theft Technology (ATT). The aim, according to Intel?s Mobility Group Chief, Dadi Perlmutter, is to deter instances of laptop theft. (The other, unspecified aim could be to get sued by a global telecom company.) Based on what I?ve read, this idea came about because certain data security solutions, like whole disk encryption, are effective in the aftermath of theft but does not have any theft?preventing features. Indeed, if the objective was to secure a powerful laptop, the thief could just install a new operating system over the encrypted data and he would have a brand new computer; the fact that the laptop featured hard drive encryption wouldn?t even be a minor inconvenience. The details of the new initiative are hazy since it is at its very early stages, but the approach Intel has in mind may be to render the CPU useless in the event of thef... More About: Encryption , Intel , Disk , Full , Chip
Indian IT Act Update: Multiple Security Measures Will Be Required, Includin
2008-04-03 07:21:00 It looks like India is updating their laws to reflect the realities of the times we live in. According to The Economic Times, the new IT Act will be updated so that the custodians of electronic data are blamed in the event of a data breach. More specifically, if an unauthorized person uses personal data that is obtained electronically, the companies that came in contact with the data would be held liable. This update seems to have stemmed from the endless data breaches that are occurring across the world, more specifically in the United States and Europe. Since the companies that invest in the Indian IT sector are heavily represented by these two regions, it only makes sense that India would eventually pass data protection legislation that resembles that of the US and Europe. India already had provisions for data protection in their laws. However, it was vague on who was responsible in the event of an actual data breach. The updated a... More About: Security , Update
Road Warrior Airport Hazard. Why Full Disk Encryption Matters
2008-04-02 07:43:00 The Computerworld website has a blog called the "Shark Tank." It's a blog where readers send in their IT stories, usually involving an instance where the IT guy is right and the non-IT guy is wrong. Sometimes I will commiserate with the one, sometimes with the other. What I find from reading this particular blog is the extent of random happenstances that can occur, and why in the long run it pays to have hard drive encryption. For example, the latest entry that I have read involves a road warrior who has returned from a business trip and finds he cannot access his laptop. On top of that, he finds his cell phone has been stolen from his computer bag. He calls the IT guy, who promptly points out that this cannot be the road warrior?s laptop. Turns out, road warrior guy must have grabbed the wrong computer bag?an identical one to his?at the airport, which happened to contain the same exact computer model he was using. Chanc... More About: Encryption , Airport , Disk , Full , Road
Prison Loses USB Drive With Data On 3500 Visitors. Disk Encryption Not Use
2008-04-01 07:44:00 The San Quentin State Prison has announced that it has lost a flash memory drive with information on more than 3500 people. The information included driver?s license numbers, names, and dates of birth. The 3500 people were volunteers or groups who toured the facility. Toured the facility. Considering that San Quentin is still an active prison?in other words, more like Sing Sing than Alcatraz?it?s kind of hard to understand how (or why) groups tour the facility. However, it is true that Johnny Cash performed a live concert there, and in 2003 Metallica filmed their entire music video for St. Anger from that location as well. Which, actually, is testament to why you wouldn?t want to tour that place: not only because of the charming guys in orange jumpsuits, but as the correctional officer clearly states, the state of California has a no?hostages policy. That is, the state will not negotiate for your release in the unlikely event you are taken ... More About: Encryption , Drive , Disk , Data
New Cold Boot Device Developed To Steal Passwords From Disk Encryption Prot
2008-03-29 06:40:00 The Register reports that IntelGuardians, a penetration?testing firm, has built up on the Princeton research that showed how to extract encryption keys from computer memory, RAM. They?ve created a device and named it ?DaisyDukes,? and it plugs into a computer via the USB port. No word on whether the device comes encased in cut?offs. It?s still in beta mode, so anything could happen? Although, truth be told, I?m guessing they?ve christened the device after the TV character because the bombshell was able to wangle her way into pretty much anything. Based on what I?ve read, it sounds like the new device is very similar to the device the Princeton researchers had showcased last month. IntelGuardians has a spin on the original device and research, though: they?ve found that passwords, not just encryption keys, remain in RAM as well. In fact, it turns out that passwords have a distinct signature from one application to another, and these will rem... More About: Encryption , Disk , Cold , Device , Steal
Stolen Bank Hard Drive Has One Million Customer Records And No Hard Disk En
2008-03-28 05:54:00 A former programmer at Compass Bank stole a hard drive containing the information of one million customers from his employer. He tried, with an accomplice, to execute card fraud by encoding the stolen information on blank debit cards. He had created about 250 cards, and had successfully gotten money using 45 cards prior to being arrested. Cognizant that banks operate security cameras and flag instances where a great deal of money is taken out from an ATM machine, the programmer tried cover his tracks by wearing a disguise and taking out relatively small amounts of cash, usually $500 or so. The crime originally occurred in May of last year, but nobody was wise to the story until the thief was sentenced last week. Turns out that Alabama is one of 11 states that does not require automatic notification of personal information breaches. However, the bank did have the good sense of letting the 250 customers know what happened. In instances like ... More About: Drive , Disk , Customer , Stolen , Hard
HMO Data Breach Exposes Private Information On?Line. How Device Encryption
More articles from this author:2008-03-27 06:04:00 BlueCross BlueShield is certainly having a busy 2008. And it?s just the beginning of the year! A CareFirst BlueCross BlueShield dental HMO, The Dental Network, has announced that the private information, of mostly Maryland and D.C. residents, has been available on the internet for a period of two weeks. The accident may have affected approximately 75,000 people by exposing names, addresses, and dates of birth. Incidents like these are nothing new, and will continue to happen due to human error: move or save the contents of a sensitive file to the wrong computer directory (aka, document folder), and all of a sudden it can be found on the internet. The principle is not unlike that of P2P software, if you?re familiar with such applications. Most P2P software gives you exact control on which folders are available for sharing. Share the wrong folder, and all the files in that directory can be accessed by anyone. Likewise, a website is comp... More About: Information , Encryption , Data , Private , Device 1, 2, 3, 4, 5, 6 |
|
 |
|
 |
