Joe O’Sullivan reports: When National American University moved from one Rapid City campus to a new location earlier this year, the school or a contractor appears to have improperly disposed of thousands of sensitive student financial records that included names, addresses, loan numbers and Social Security numbers, according to documents reviewed by the Rapid City…
Category: Commentaries and Analyses
JPMorgan Chase & Co. explains delay in notifying Connecticut about online security breach
JPMorgan Chase has attempted to explain the delay in notification to Connecticut, but at least one Connecticut official is not satisfied. Ed Jacovino reports: JPMorgan Chase & Co. says it waited to determine what information could have been involved in an online security breach before telling officials this week that people with state-issued debit cards…
Statement on guilty pleas by Paypal13
Statement from the U.S. Attorney’s Office for the Northern District of California on the “Paypal13:” Thirteen defendants pleaded guilty in federal court in San Jose yesterday to charges related to their involvement in the cyber-attack of PayPal’s website as part of the group “Anonymous,” United States Attorney Melinda Haag announced. One of the defendants also…
JPMorgan Chase breach update: pile on…
The JPMorgan Chase Ucard breach reported previously on this blog affects residents of numerous states. As such, not only do I expect to see lawsuits filed, but state attorneys general will likely jump into the act to protect their respective residents. Did JPMorgan Chase promptly notify their residents and are they offering enough remediation and…
NYS Comptroller finds IT security deficits in towns of Babylon and Salina
Every so often I post audit reports from the NYS Comptroller’s Office. Last week, the office posted two completed audits worth noting here: The Town of Babylon was audited for the period January 1, 2011 — July 31, 2012. In addition to significant concerns about the town’s financial health conditions and other matters, one of…
Over half of Austin, Texas departments don’t even have policies on collecting, storing, or accessing PII – city auditors
Summary from Protection of Personally Identifiable Information (PII) Audit by City of Austin auditors (November 2013): The objective of this audit was to evaluate the process for protecting PII that is collected and/or stored by the City. The audit scope included the City’s policies and procedures related to the protection of PII for Fiscal Year…