Parts of the report were redacted, indicated by x’s below. Executive Summary: The Office of Inspector General (OIG) performed a review of the Department of Education’s (Department) external web sites. This audit was conducted in accordance with the Federal Information Security Management Act (FISMA) as enacted by Title III of the E-Government Act of 2002,…
Category: Commentaries and Analyses
Analysis of Savvis’ Motion to Dismiss Lawsuit
David Navetta has written a clear and helpful analysis of Savvis’ motion to dismiss Merrick Bank’s lawsuit against Savvis, arising out of the CardSystems Solutions breach.
EPIC Urges Comprehensive Strategy for ID Theft
From EPIC.org: With ID theft rapidly increasing in the United States, EPIC Executive Director Marc Rotenberg urged a Congressional Committee to address the root causes of the problem. In a testimony before the House Oversight Committee, Mr. Rotenberg said that the government typically acts only after the crime has occurred and warned that the problem…
Pointer: Commentaries on Merrick Bank v. Savvis
Last week, people started talking about a lawsuit first filed last year by Merrick Bank against Savvis Inc. The basis for the suit is that when Savvis audited CardSystems Solutions for compliance with the CISP security standards of the time, they gave them a clean bill of health. Merrick sued them after the breach, and…
OIS Commentary: And some walls will come tumbling down
One of yesterday’s posts on PHIprivacy.net reports a data breach involving Kelsey-Seybold Clinic that has not been reported in the mainstream media. I contacted Kelsey-Seybold after a site visitor alerted me to the breach. The report is frustratingly short on details, though, because Kelsey-Seybold could — and did — simply ignore questions it did not…
A Reader’s Rant: “YOU CAN’T FIX STUPID!”
A recent post on a FACTA-related lawsuit touched a nerve for at least one reader. Erick Mann, ID Theft Group Security Specialist, sent me the following, which he’s given me permission to post here: I have found that the conversation sounds like a loop on a tape recorder: “We’re fine, that doesn’t apply to us”…