How did the following happen…there are many options…insider threat? Poor IT storage controls? Poor applications development controls? Perhaps using real personally identifiable information (PII) for test purposes? Hacker break-in? Through an outsourced company with access to the PII, but who also had poor controls? There are so many possibilities…

(more…)