Commentaries and Analyses – Page 831

Break’s over: after decline in 2009, breach reports appear to rise in 2010

Posted on August 3, 2010 by Dissent

The Verizon breach analysis report released this past week reported declines in 2009 in both the number of records compromised and the number of breaches Verizon was asked to investigate. Their reported decline in number of breaches has some confirmation in reports from the Privacy Rights Clearinghouse and the Identity Theft Resource Center, who…

Three breach reports, three sides of the elephant?

Posted on August 2, 2010 by Dissent

The recently released reports by Verizon, ArcSight/Ponemon, and Digital Forensics all offer some interesting data and statistics on breaches, but after reading them, I am reminded of the analogy of the six blind men and the elephant, as their findings are not always wholly consistent with each other. If we can generalize from the Verizon…

AU: Personal data ‘left open to frauds’

Posted on July 28, 2010 by Dissent

Richard Willingham reports: The security of personal information held by the state government is inadequate, leaving it at a heightened risk of being stolen and misused by frauds, a report has found. An Auditor-General’s report into government departments, released yesterday, said access to confidential personal data was too widespread and increased the risk of identity…

2010 Data Breach Report From Verizon Business, U.S. Secret Service Offers New Cybercrime Insights

Posted on July 28, 2010 by Dissent

From the press release: The 2010 Verizon Data Breach Investigations Report, based on a first-of-its kind collaboration with the U.S. Secret Service, has found that breaches of electronic records last year involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups. The study, released Wednesday (July 28),…

Schools risk theft of SS numbers of children

Posted on July 26, 2010 by Dissent

Matthew Cella reports: Schools are putting children at risk of identity fraud by obtaining their Social Security numbers when it is not required by law and often unnecessary, the Social Security Administration’s Office of Inspector General has concluded. Some school systems in at least 26 states collect the nine-digit identifiers when students from kindergarten through…

IA: Buena Vista University reveals data breach (update 1)

Posted on July 16, 2010 by Dissent

Buena Vista University has had a data breach on campus. We engaged a nationally-recognized computer forensics team to conduct an investigation and learned someone gained unauthorized access to a BVU database. The information that this person could have accessed includes names, Social Security numbers and some driver’s license numbers of BVU students (applicants, former and…