Richard Willingham reports: The security of personal information held by the state government is inadequate, leaving it at a heightened risk of being stolen and misused by frauds, a report has found. An Auditor-General’s report into government departments, released yesterday, said access to confidential personal data was too widespread and increased the risk of identity…
Category: Commentaries and Analyses
2010 Data Breach Report From Verizon Business, U.S. Secret Service Offers New Cybercrime Insights
From the press release: The 2010 Verizon Data Breach Investigations Report, based on a first-of-its kind collaboration with the U.S. Secret Service, has found that breaches of electronic records last year involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups. The study, released Wednesday (July 28),…
Schools risk theft of SS numbers of children
Matthew Cella reports: Schools are putting children at risk of identity fraud by obtaining their Social Security numbers when it is not required by law and often unnecessary, the Social Security Administration’s Office of Inspector General has concluded. Some school systems in at least 26 states collect the nine-digit identifiers when students from kindergarten through…
IA: Buena Vista University reveals data breach (update 1)
Buena Vista University has had a data breach on campus. We engaged a nationally-recognized computer forensics team to conduct an investigation and learned someone gained unauthorized access to a BVU database. The information that this person could have accessed includes names, Social Security numbers and some driver’s license numbers of BVU students (applicants, former and…
HM Courts Service staff breached government database of personal information
Mark Ballard reports: Staff working for Her Majesty’s Courts Service have breached security on the government database that stores personal data about everyone in the UK. Also, local authorities sacked 26 employees last year for snooping on personal data stored on the Department for Work and Pensions (DWP) Customer Information System (CIS), which, with 90…
Visa To Acquirers: Stop Forcing PAN Retention
Evan Schuman writes: Visa on Wednesday (July 14) sent a direct message to acquiring banks: Stop making retailers retain credit card information unless you want to stop servicing Visa. A key Visa security executive (Eduardo Perez, the head of global payment system security) said the brand is now merely “strongly encouraging [acquirers] to not require”…