This is the time of the year that thoughts turn to gardening as seed catalogs start filling the mailboxes. I enjoy having fresh-grown vegetables from my garden; nothing is better than a deep red, ripe, juicy Big Boy Beefsteak tomato right off the vine. These seed companies are overwhelmingly small to medium-sized businesses (SMBs). Many have gone online in the past few years, bucking the century-long tradition of depending primarily upon postal mail for their sales.
Archive for the ‘identity theft’ Category
Maine Seed Company Website Hacked: Demonstrates SMB Vulnerability & Questions Hacker Safe Seals
Saturday, March 3rd, 2007Vermont State Privacy Breach Follow-up: Penetration Testing Reveals No Additional Vulnerabilities
Friday, March 2nd, 2007After the January Vermont State privacy breach through a remote attack that compromised Social Security numbers and bank account numbers for nearly 70,000 people, Governor Jim Douglas ordered a security review of the computer systems.
Exploring Identity Verification Solutions and Identity Theft Prevention
Friday, February 23rd, 2007Identity Theft: Fraudulent Use of the CVC
Monday, February 19th, 2007VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained
Sunday, February 18th, 2007Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspending “activities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month.”
VA Suspends Medical Research Following Most Recent Breach Until Security Certification Is Obtained
Sunday, February 18th, 2007Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspending “activities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month.”
Privacy Breach: FBI Loses Laptops Each Month Despite 2002 Audit Telling Them To Improve Practices
Monday, February 12th, 2007Today the U.S. Department of Justice (DOJ) released the “The Federal Bureau of Investigation’s Control Over Weapons and Laptop Computers Follow-Up Audit” report.
As you can tell by my post title, this should be a very embarrassing report for the FBI.
Privacy Breach: FBI Loses Laptops Each Month Despite 2002 Audit Telling Them To Improve Practices
Monday, February 12th, 2007Today the U.S. Department of Justice (DOJ) released the “The Federal Bureau of Investigation’s Control Over Weapons and Laptop Computers Follow-Up Audit” report.
As you can tell by my post title, this should be a very embarrassing report for the FBI.
Privacy Breach: Johns Hopkins University Lost Personal Information on 135,000 Individuals
Sunday, February 11th, 2007There now seem to be so many privacy breaches that it is hard to choose which one to discuss…
Last Wednesday, 2/7, Johns Hopkins University reported personal information on 135,000 employees and patients on nine backup tapes were missing that had been given to a contractor, Anacomp Co. Inc., to make microfiche backups.
FTC: Speech Highlights Need for All Organizations To Address Information Security and Privacy & Education On These Topics
Friday, February 9th, 2007The transcript of FTC Chairman Deborah Platt Majoras’ keynote on February 6 at the RSA conference, “ID Theft and Cyber-crime: Where Thieves Victims, Industry and Government Intersect” is available on the FTC site.
I’ve often stressed how the FTC Act basically applies to all organizations of all sizes in all industries doing business in the U.S. that have been entrusted to handle personal information. Too many organizations still believe that information security privacy issues only need to be handled by healthcare or financial organizations. The FTC has made many published statements to demonstrate that all organizations had better get their act together and implement safeguards for personally identifiable information (PII). Some of the statements within Majoras’ keynote emphasize this.
