The recently released reports by Verizon, ArcSight/Ponemon, and Digital Forensics all offer some interesting data and statistics on breaches, but after reading them, I am reminded of the analogy of the six blind men and the elephant, as their findings are not always wholly consistent with each other. If we can generalize from the Verizon…
Category: Commentaries and Analyses
AU: Personal data ‘left open to frauds’
Richard Willingham reports: The security of personal information held by the state government is inadequate, leaving it at a heightened risk of being stolen and misused by frauds, a report has found. An Auditor-General’s report into government departments, released yesterday, said access to confidential personal data was too widespread and increased the risk of identity…
2010 Data Breach Report From Verizon Business, U.S. Secret Service Offers New Cybercrime Insights
From the press release: The 2010 Verizon Data Breach Investigations Report, based on a first-of-its kind collaboration with the U.S. Secret Service, has found that breaches of electronic records last year involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups. The study, released Wednesday (July 28),…
Schools risk theft of SS numbers of children
Matthew Cella reports: Schools are putting children at risk of identity fraud by obtaining their Social Security numbers when it is not required by law and often unnecessary, the Social Security Administration’s Office of Inspector General has concluded. Some school systems in at least 26 states collect the nine-digit identifiers when students from kindergarten through…
IA: Buena Vista University reveals data breach (update 1)
Buena Vista University has had a data breach on campus. We engaged a nationally-recognized computer forensics team to conduct an investigation and learned someone gained unauthorized access to a BVU database. The information that this person could have accessed includes names, Social Security numbers and some driver’s license numbers of BVU students (applicants, former and…
HM Courts Service staff breached government database of personal information
Mark Ballard reports: Staff working for Her Majesty’s Courts Service have breached security on the government database that stores personal data about everyone in the UK. Also, local authorities sacked 26 employees last year for snooping on personal data stored on the Department for Work and Pensions (DWP) Customer Information System (CIS), which, with 90…