Commentaries and Analyses – Page 821

2010 Data Breach Report From Verizon Business, U.S. Secret Service Offers New Cybercrime Insights

Posted on July 28, 2010 by Dissent

From the press release: The 2010 Verizon Data Breach Investigations Report, based on a first-of-its kind collaboration with the U.S. Secret Service, has found that breaches of electronic records last year involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups. The study, released Wednesday (July 28),…

Schools risk theft of SS numbers of children

Posted on July 26, 2010 by Dissent

Matthew Cella reports: Schools are putting children at risk of identity fraud by obtaining their Social Security numbers when it is not required by law and often unnecessary, the Social Security Administration’s Office of Inspector General has concluded. Some school systems in at least 26 states collect the nine-digit identifiers when students from kindergarten through…

IA: Buena Vista University reveals data breach (update 1)

Posted on July 16, 2010 by Dissent

Buena Vista University has had a data breach on campus. We engaged a nationally-recognized computer forensics team to conduct an investigation and learned someone gained unauthorized access to a BVU database. The information that this person could have accessed includes names, Social Security numbers and some driver’s license numbers of BVU students (applicants, former and…

HM Courts Service staff breached government database of personal information

Posted on July 16, 2010 by Dissent

Mark Ballard reports: Staff working for Her Majesty’s Courts Service have breached security on the government database that stores personal data about everyone in the UK. Also, local authorities sacked 26 employees last year for snooping on personal data stored on the Department for Work and Pensions (DWP) Customer Information System (CIS), which, with 90…

Visa To Acquirers: Stop Forcing PAN Retention

Posted on July 15, 2010 by Dissent

Evan Schuman writes: Visa on Wednesday (July 14) sent a direct message to acquiring banks: Stop making retailers retain credit card information unless you want to stop servicing Visa. A key Visa security executive (Eduardo Perez, the head of global payment system security) said the brand is now merely “strongly encouraging [acquirers] to not require”…

No more anonymous “private practice” on HHS breach list

Posted on July 14, 2010 by Dissent

HHS has now started revealing the names of the HIPAA-covered entities who had previously been listed only as “private practice” in their list of those having breaches affecting 500 or more individuals. PHIprivacy.net had been one of a number of entities that had complained about private practices being shielded, but OCR had interpreted the Privacy…