Archive for December, 2009
It’s Been a Bad Year of Data Breaches
As the year draws to a close, it’s handy to take a look back at a year’s worth of trouble. As expected, the headlines just kept flowing, with lost devices leading the charge. The steady flow of data into the wrong hands seemed to pick up momentum this year, as always.
For a recap of this [...]
Tip of the Week: Don’t Keep All Your Eggs (Passwords) In One Basket
This week’s Tip centers once again on password security. Think it doesn’t matter? Consider the rash of recent reports such as the Verizon 2009 Data Breach Investigations Report that once again show how password security is apparently lost even on professions whose job it is to ensure it!
Talk to ten people on the street, and [...]
Red Tape Chronicles: After Data Loss, ID Theft Soars
Bob Sullivan over at The Red Tape Chronicles has posted an excellent piece on “Dear John Data Letters,” a name he’s given to the all-too-common notification letters that breaching organizations send to their “victims” (their customers whose data they’ve lost).
He says, “I call them Dear John data letters, because of the bad news they bring [...]
Rip of the Week: 83,524 Breached by Clinic’s Lost USB Drive
Ontario’s privacy commissioner is investigating a huge breach up north. A USB drive containing personal health information of more than 80,000 people who went to flu clinics in Durham Region, was lost by a public health nurse who was taking it to a vaccination clinic.
The data includes “names, addresses, phone numbers, dates of birth, health [...]
Tip of the Week: Shut Down Unused Ports
I realize that for seasoned IT pros some of the tips here come from the Captain Obvious department. But if that’s true, why are they so unbelievably prevalent out in the wild?
They are obvious, but they’re rarely handled. We have to start somewhere.
One “obvious” basic step toward system security–be it server or PC security–is to [...]
Rip of the Week UPDATE: Two Stolen Blagojevich Lawyer Computers Recovered
In an update to a recent Rip of the Week about computers stolen from Rod Blagojevich’s lawyers, which may contain sensitive information about his case, news has broken that two of the eight computers have been recovered.
So far there aren’t any details about how the recovery was made, but the law office is relieved that [...]
Rip of the Week: Beijing Center for Chinese Studies (USA) Stolen Laptop Breaches Applicants
This week’s rather classic breach involves The Beijing Center for Chinese Studies, who notified applicants to its programs that their personal information may now be compromised due to a stolen laptop.
According to the entry at DataLossDB, BCCS International Director Roberto Ribeiro sent a letter to at least one Attorney General (New Hampshire), alerting about the [...]
Tip of the Week: Patch the Jugular First…Or Just Patch Something First
People tend to get overwhelmed. We all do. Our ToDo lists are ten miles long and getting longer. We are long on good intentions and short on implementation, often with valid reasons.
As I’ve been wading through study after study, report after report, commentary upon commentary, it seems clear that there are, well, a lot of [...]
Entries (RSS)