Archive for January, 2007

UNI Computers Compromised: Is There a “Typical” Breach?

Friday, January 5th, 2007

Today I read a story appearing in the Des Moines Register, “Computer breach at UNI exposes some personal data” about a breach that occurred at one my alma maters, the University of Northern Iowa.
It bothered me the non-chalant way in which a computer breach was described as being “a pretty typical breach” by the Assoc. VP for Information Technology.
It makes it sound as though such breaches are to be expected. If appropriate safeguards are in place, though, these types of breaches should not occur.

(more…)

Michigan Inacts New Identity Theft and Breach Notice Law

Thursday, January 4th, 2007

Yesterday (January 3) Michigan’s governor, Jennifer M. Granholm, signed a new identity theft and breach notification law, SB 309.

“Today’s technology has taken commerce and communication to new heights, but it also puts citizens at additional risk of identity theft as ever-increasing amounts of personal information are stored and transmitted electronically,” Granholm said. “While I am pleased to sign legislation that provides critical information to consumers, we must do more to provide our citizens with the tools they need to truly protect themselves.”

(more…)

Insider Threat Example: Medco Employee Indicted for Planting Computer Logic Bomb

Wednesday, January 3rd, 2007

On December 19, 2006, a computer systems administrator, Andy Lin, for Medco Health Solutions, Inc. was indicted by a federal grand jury in the U.S. District Court for the District of New Jersey for attempting to disable his employer’s corporate computer servers through the use of a concealed malicious software program.
Today (January 3) Lin is being arraigned. If convicted, he could get 20 years in prison and a fine of $500,000; $250,000 for each of the two charges.

(more…)

Potential Personal Data Breach of 5.38 Million Individuals at Nissan in Japan

Tuesday, January 2nd, 2007

I ran across an interesting news report,”Nissan data leak puts 5 million at risk
I was surprised I did not see this report on any of U.S. news sites. The report is very vague. It just indicates a “leak” occurred between May 2003 and February 2004. A small excerpt:

(more…)

Report from Taipei: Do Visitors to the U.S. Really Have Their Emails and Credit Card Transactions Inspected?

Monday, January 1st, 2007

Folks outside of the U.S. are increasinglyg being warned that going to the U.S. could result in privacy incidents, as demonstrated by another such report today in the Taipei Times, “Traveling to the US could trigger a loss of privacy
An excerpt from the report:

(more…)