Archive for the ‘identity theft’ Category

Maine Seed Company Website Hacked: Demonstrates SMB Vulnerability & Questions Hacker Safe Seals

Saturday, March 3rd, 2007

This is the time of the year that thoughts turn to gardening as seed catalogs start filling the mailboxes. I enjoy having fresh-grown vegetables from my garden; nothing is better than a deep red, ripe, juicy Big Boy Beefsteak tomato right off the vine. These seed companies are overwhelmingly small to medium-sized businesses (SMBs). Many have gone online in the past few years, bucking the century-long tradition of depending primarily upon postal mail for their sales.

(more…)

Vermont State Privacy Breach Follow-up: Penetration Testing Reveals No Additional Vulnerabilities

Friday, March 2nd, 2007

After the January Vermont State privacy breach through a remote attack that compromised Social Security numbers and bank account numbers for nearly 70,000 people, Governor Jim Douglas ordered a security review of the computer systems.

(more…)

Exploring Identity Verification Solutions and Identity Theft Prevention

Friday, February 23rd, 2007

Earlier this week the FTC announced in a press release an identity theft prevention workshop they are hosting April 23 – 24.

(more…)

Identity Theft: Fraudulent Use of the CVC

Monday, February 19th, 2007

An interesting article pointing out the way crooks use that 3-digit code on the back of your credit card was published in the Newark Advocate Saturday.

(more…)

VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained

Sunday, February 18th, 2007

Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspendingactivities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month.”

(more…)

VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained

Sunday, February 18th, 2007

Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspendingactivities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month.”

(more…)

Privacy Breach: FBI Loses Laptops Each Month Despite 2002 Audit Telling Them To Improve Practices

Monday, February 12th, 2007

Today the U.S. Department of Justice (DOJ) released the “The Federal Bureau of Investigation’s Control Over Weapons and Laptop Computers Follow-Up Audit” report.
As you can tell by my post title, this should be a very embarrassing report for the FBI.

(more…)

Privacy Breach: FBI Loses Laptops Each Month Despite 2002 Audit Telling Them To Improve Practices

Monday, February 12th, 2007

Today the U.S. Department of Justice (DOJ) released the “The Federal Bureau of Investigation’s Control Over Weapons and Laptop Computers Follow-Up Audit” report.
As you can tell by my post title, this should be a very embarrassing report for the FBI.

(more…)

Privacy Breach: Johns Hopkins University Lost Personal Information on 135,000 Individuals

Sunday, February 11th, 2007

There now seem to be so many privacy breaches that it is hard to choose which one to discuss…
Last Wednesday, 2/7, Johns Hopkins University reported personal information on 135,000 employees and patients on nine backup tapes were missing that had been given to a contractor, Anacomp Co. Inc., to make microfiche backups.

(more…)

FTC: Speech Highlights Need for All Organizations To Address Information Security and Privacy & Education On These Topics

Friday, February 9th, 2007

The transcript of FTC Chairman Deborah Platt Majoras’ keynote on February 6 at the RSA conference, “ID Theft and Cyber-crime: Where Thieves Victims, Industry and Government Intersect” is available on the FTC site.
I’ve often stressed how the FTC Act basically applies to all organizations of all sizes in all industries doing business in the U.S. that have been entrusted to handle personal information. Too many organizations still believe that information security privacy issues only need to be handled by healthcare or financial organizations. The FTC has made many published statements to demonstrate that all organizations had better get their act together and implement safeguards for personally identifiable information (PII). Some of the statements within Majoras’ keynote emphasize this.

(more…)