Washington South Supervisory Union in Northfield, Vermont reports what they describe as a “serious security breach on its financial computer system” that may have compromised members’ personal financial information. By letter dated October 28 to those affected, the Supervisory Union indicated that until matters were resolved, payroll checks would be issued using paper paychecks. The…
Month: November 2011
UK: What’s gone wrong at #ICO?
Stewart Room writes: If you’ve been keeping a close eye on developments at the Information Commissioner’s Office, then you will have detected a very clear trend when it comes to regulatory enforcement action. Basically, ICO has abandoned the monetary penalty and other statutory enforcement mechanisms, for “undertakings”. Read more on Stewart Room. I’m glad for…
UK: Vince Cable apologises for disclosing confidential documents
Business Secretary Vince Cable has apologised ”unreservedly” after confidential documents were discovered in bins left outside his constituency office. Unshredded paperwork, including correspondence from ministers and letters which contained personal details of his constituents, were found dumped in transparent recycling bags outside the Liberal Democrat’s Richmond and Twickenham HQ over a nine month period. Read…
A rash of x-ray thefts highlights an often overlooked risk
I’ve occasionally reported news stories concerning the theft of x-ray films containing personally identifiable information. Here’s another example from HHS’s latest update to the breach tool: Thomas Jefferson University Hospitals in Pennsylvania notified 3,150 patients after x-ray films were stolen on September 6. The hospital posted a notice linked from its home page. A search of…
What could be worse than 4.9 million? How about 5.1 million?
The HHS breach tool has been updated and I noticed that the SAIC/TRICARE breach entry has been added. I also noticed that although media reports had the breach as affecting 4.9 million, the actual number appears to be 5,117,799. A lawsuit has been filed against the Department of Defense after backup tapes were stolen from…
First joint EU-US cyber security exercise conducted today, 3rd Nov. 2011
The first joint cyber security exercise between the EU and US is being held today (3rd Nov.) in Brussels, with the support of the EU’s cyber security Agency ENISA and the US Department of Homeland Security. The day-long table-top exercise, "Cyber Atlantic 2011", is using simulated cyber-crisis scenarios to explore how the EU and US…