The breach of the presidential candidates’ passport files were widely reported over the past few days, such as here and here, not to mention the many postings referencing it as “passport-gate” throughout the blogosphere and the political implications. However, based upon what I’ve been reading it looks more like the result of a poor, inadequate and vulnerable information security program.
There are many information security and privacy issues involved with this incident. It would make a great case study to use at a joint meeting with your information security, privacy and compliance folks. Some of the questions to include in your discussion could include…

(more…)