The State Department does not have an accurate accounting of its laptop computers, including ones meant for classified use, and has failed to encrypt machines as it is supposed to do to protect sensitive information, according to a new report by the department’s inspector general. Inspectors found that 27 laptops, worth $55,000 were missing out…
Category: Commentaries and Analyses
SSN Relatively Easy to Predict
Over on PogoWasRight.org, I’ve posted about a study released by researchers Alessandro Acquisti and Ralph Gross of Carnegie Mellon University. The study has significant implications for the use of SSN and for protecting against identity theft, even though a government spokesperson responded by seemingly downplaying the findings and their implications. If you would like to…
What About Former Employees?
When the Tyco Flow Control Americas office at in Houston was broken into over the weekend of June 6 and 7, burglars stole the Payroll Manager’s laptop computer and gained access to locked rooms that contained payroll and HR documents of current and some former employees. According to a letter sent by Holly Kriendler to…
NV’s New Encryption Law Made Moot?
Rebecca Herold of IT Compliance has a commentary on Nevada’s new encryption law and whether the state’s data breach law makes the encryption law moot. It begins: On May 30, 2009, Nevada enacted a new law, SB 227, which will basically replace NRS 597.970 in January 2010. In many ways the new law is an…
A Treasure Trove For Hackers
Forensics experts at the Dublin office of consultancy Ernst & Young have found evidence that prominent companies in Ireland are allowing home-based employees to download sensitive company and client data to their personal computers. Second-hand computer hard drives containing sensitive information – including hundreds of customer bank, Laser and credit-card account details, car registration information,…
Pain and Suffering in the Aftermath of a Breach
One of the obstacles to consumer class action lawsuits in response to data breaches has been that most individuals cannot demonstrate actual harm, where harm is defined by the courts in financial terms. As Judge D. Brock Hornby explained when he threw out most of the Hannaford Bros. lawsuit, Maine state law requires that there…