Cross-posted PHIprivacy.net: When Michael Ramirez recently used RiteAid’s mobile app to check on a prescription, he never expected to be able to access other customers’ names, addresses, and prescription records. But he was able to, and now Ramirez, a computer scientist working for the Navy’s Space and Naval Warfare Systems Command in Charleston, is going…
Category: Commentaries and Analyses
Hacktivism skews security trend analysis
The re-emergence of the hacktivist movement appears to have thrown a spanner in the works for those in the InfoSec industry charged with data breach trend analysis. There has been a series of massive data breaches over the last 16 months – each of which compromised more than a million identities. During the same time,…
Debate heats up in Oz over data liability
Hamish Barwick reports: The call for mandatory data breach notifications and potential legal proceedings against enterprises who fail to protect customer data has become a little louder in Australia, according to the findings of a new survey. The report, entitled Australian Consumer Data Survey 2012, which was conducted for iSeek Communications in July 2012 with…
AU: Schools clueless about IT security, reveals study
Byron Connolly reports: Almost one in two Australian secondary and tertiary schools do not have an IT security awareness program in place and alarmingly, 53 per cent didn’t know what information was taken during a data breach, according to a study commissioned by Symantec.cloud. The study asked around 500 teachers and administration staff at 168…
Widely used fingerprint reader exposes Windows passwords in seconds
Dan Goodin reports: Fingerprint-reading software preinstalled on laptops sold by Dell, Sony, and at least 14 other PC makers contains a serious weakness that makes it trivial for hackers with physical control of the machine to quickly recover account passwords, security researchers said. The UPEK Protector Suite, which was acquired by Melbourne, Florida-based Authentec two years ago, is…
Scottish councils lose personal data of 10,000
From PublicService.co.uk Hundreds of council data security incidents have led to the loss of data on more than 10,000 people in Scotland over the past five years, figures released under freedom of information laws have revealed. Laptops containing images of children were lost, as was confidential pension information and Blackberry devices containing sensitive emails. These…