The Akron Beacon Journal reported February 5 more impacts of the massive TJX breach that occurred late in 2006 that may have impacted over 40 million individuals according to the Wall Street Journal.
Posts Tagged ‘privacy incident’
Identity Theft: More Info On Fallout From The TJX Breach
Wednesday, February 7th, 2007PCI DSS and GLBA Compliance & Privacy Breach: Lawsuits Filed Against TJX
Sunday, February 4th, 2007Let’s look at the events that have occurred with the recent TJX computer hack and resulting privacy breach and identity thefts:
Puget Sound Energy Ordered to Pay $995,000 For Selling Customer Personal Information
Tuesday, January 30th, 2007Puget Sound Energy, Washington state’s largest electricity and natural gas utility, with over 1 million customers in 11 western Washington counties, was ordered to pay a total of $995,000 in fines for selling their customer information to marketing companies over a five year period. Only 18,992 of the transferred calls during the five years of the marketing program–from November 2001 to March 2006–were subject to penalties because of a two-year statute of limitations, according to the commission statement.
Routine Personal Information Posting in the U.S. State Government Agencies
Monday, January 29th, 2007NBC news ran a story about how many state government agencies post sensitive personally identifiable information (PII) on their websites. In this case an Ohio county court “routinely posted traffic tickets and other public records on its Web site.”
Laptop Protection Advice for The Holidays
Thursday, November 16th, 2006Yesterday EARTHtimes, which appears to be a general news site, carried a story with a cute title that caught my eye, “Don’t be a turkey: Protect your laptop during holiday travel.”
The State of Information Security According to E&Y
Tuesday, November 14th, 2006This year’s Ernst & Young Global Information Security Survey 2006 is out and it is always an interesting read. Arguments aside about the statistical accuracy of such surveys, it still provides useful information and also helps to track progress in the topics covered as the years march on. The history alone involved with the survey, this is the 9th year for it, are quite revealing. My, my how concerns have changed in less than a decade!
Information Assurance: Make a Perspective Adjustment; It’s All About the Business
Monday, November 13th, 2006Last week I was at the Computer Security Institute 33rd Annual Computer Security Conference & Exhibition where Chris Grillo and I also gave our post-conference seminar, “Effectively Partnering InfoSec and Privacy For Business Success“. It was interesting to hear the folks attending both the conference and our seminar express their concerns related to information security and privacy. I am always intrigued by the various viewpoints of folks in not only different industries, but also of those who have very little experience in dealing with information security, privacy and compliance versus those with a great amount of experience. It is very noticeable how the viewpoints shift from trying to address primarily only technical issues (overwhelmingly those with little experience) to the viewpoint of incorporating the issues throughout the entire enterprise and into all processes through procedures, awareness and responsibilities (overwhelmingly those with much experience).
Consumers Want Identity Theft Protection Through Homeowner Insurance
Tuesday, October 31st, 2006An interesting article was released yesterday in the Insurance Journal, “J.D. Power: Homeowners Want Carriers to Offer Identity Theft.”
It indicates that the 2006 Homeowners Insurance Study, results of feedback from 9,045 homeowners insurance policy holders in the U.S., finds 40% wants their home policy to include identity theft coverage.
Information Security Compliance Webcast
Tuesday, October 31st, 2006My friend and professional colleague, Kevin Beaver, is giving a webcast on Tuesday, November 14, “How to manage the ongoing information security requirements for SOX, HIPAA, GLBA and other key regulations: A single solution.” Kevin has great experience with information security planning and implementation, and has been addressing compliance issues in a wide range of industries and organizations for the past several years. If you are struggling with how to comply with all the multiple information security compliance requirements and have the opportunity to attend this event, it will provide some useful information to help you with your efforts.
Technorati Tags
information security
IT compliance
policies and procedures
privacy incident
awareness and training
privacy
