From the this-does-not-inspire-confidence dept.: Ellen Messmer reports: Database security is rife with pitfalls, according to 430 Oracle database administrators surveyed by the Independent Oracle Users Group. According to the results of the survey released last month, fewer than 30% encrypt personally identifiable information in all their databases, while about 75% acknowledge their organizations do not…
Category: Commentaries and Analyses
School Lunch Risk: Audit of Metro Schools in Nashville Reveals Students’ SSN Not Adequately Protected
Deanna Lambert reports: Channel 4 News has learned Social Security numbers of Metro Nashville Public Schools students were not adequately protected, and the slip-up was traced back to the lunch line. In some Metro Schools, students can’t get lunch without going through a computer. An audit suggests that Metro Schools needs more protection and better…
Two More Courts Close the Doors on Data Breach Plaintiffs
Venkat Balasubramani discusses two recent court decisions that turned data breach plaintiffs away. The first case is the Hannaford case, discussed previously on this blog, but I was surprised to learn that the Providence Health System breach finally was decided: Paul v. Providence Health System-Oregon, (Ore. Ct. App. Oct. 6, 2010): this case involved the…
Cancer researcher fights UNC demotion over data breach (updated)
Gregory Childress reports that a data breach had significant consequences for a researcher. Because I don’t recall ever seeing such consequences before, I think this is pretty newsworthy: A UNC cancer researcher is fighting a demotion and pay cut she received after a security breach in the medical study she directs. Bonnie Yankaskas, a professor in…
ICO: data crooks should face jail
… Responding to a Ministry of Justice call for evidence on the current data protection legislative framework, the privacy watchdog said that the greatest threat to information security in organisations is individuals. But it said the Data Protection Act “only provides for a fine for those individuals who knowingly or recklessly obtain or disclose personal…
UK card fraud losses at 10 year low
Pleasantly surprising good news from the UK: Fraud losses on UK cards fell to their lowest levels for 10 years in the first half of 2010, while online banking also saw a decrease in the amount lost for the first since 2007. According to the UK Cards Association, total fraud losses on UK cards was…