Commentaries and Analyses – Page 858

HM Courts Service staff breached government database of personal information

Posted on July 16, 2010 by Dissent

Mark Ballard reports: Staff working for Her Majesty’s Courts Service have breached security on the government database that stores personal data about everyone in the UK. Also, local authorities sacked 26 employees last year for snooping on personal data stored on the Department for Work and Pensions (DWP) Customer Information System (CIS), which, with 90…

Visa To Acquirers: Stop Forcing PAN Retention

Posted on July 15, 2010 by Dissent

Evan Schuman writes: Visa on Wednesday (July 14) sent a direct message to acquiring banks: Stop making retailers retain credit card information unless you want to stop servicing Visa. A key Visa security executive (Eduardo Perez, the head of global payment system security) said the brand is now merely “strongly encouraging [acquirers] to not require”…

No more anonymous “private practice” on HHS breach list

Posted on July 14, 2010 by Dissent

HHS has now started revealing the names of the HIPAA-covered entities who had previously been listed only as “private practice” in their list of those having breaches affecting 500 or more individuals. PHIprivacy.net had been one of a number of entities that had complained about private practices being shielded, but OCR had interpreted the Privacy…

Data Breaches: A Black Hole – ITRC

Posted on July 8, 2010 by Dissent

The Identity Theft Resource Center is singing to this choir. Their most recent press release: As of June 30th, The Identity Theft Resource Center® recorded 341 individual breaches for the first six months of 2010. Unfortunately, hundreds of breaches have been veiled from the public, delayed in publication, or not listed on any public lists….

Hacker in AT&T iPad case breaks gagging order

Posted on July 8, 2010 by Dissent

Andy Carvell writes: An alleged hacker has broken the terms of a gagging order to speak out about his arrest and prosecution in an extraordinary rant on his group’s website. Last month, hackers exposed an embarrassing security flaw affecting iPad customers on AT&T, causing red faces all round at the telecoms provider. Shortly after the…

Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing

Posted on July 6, 2010 by Dissent

From Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing GAO-10-855T (pdf), July 1, 2010 Summary Cloud computing, an emerging form of computing where users have access to scalable, on-demand capabilities that are provided through Internet-based technologies, reportedly has the potential to provide information technology services more quickly and at a lower…