Highlights from a GAO report released yesterday: Although the Securities and Exchange Commission (SEC) had implemented and made progress in strengthening information security controls, weaknesses limited their effectiveness in protecting the confidentiality, integrity, and availability of a key financial system. For this system’s network, servers, applications, and databases, weaknesses in several controls were found, as…
Category: Government Sector
Ca: RCMP charge 19-year-old man in Heartbleed privacy breach at Canada Revenue Agency
Christina Commisso reports: A 19-year-old man from London, Ont., has been charged in connection with using the Heartbleed bug to exploit taxpayer data from the Canada Revenue Agency website. The RCMP announced Wednesday that Stephen Arthuro Solis-Reyes was arrested at his home Tuesday without incident. He has since been released and is staying with his…
MN: Militia commander with Fort Bragg ties admits to ID theft
fayobserver.com reports that Keith Michael Novak has pleaded guilty to identity theft in a scheme that involved stealing the identity information from members of his former Army unit at Fort Bragg. He reportedly planned to use their identity information to make fake IDs for members of his militia, the 44th Spatha Libertas. Novak was an…
MN: Two years’ probation for former DNR employee in data breach
This really unacceptable, and for the prosecutor to suggest that the sentence was fair because there was no public safety risk totally minimizes the importance of citizens feeling a measure of confidence that state employees are not snooping in their files. Chao Xiong reports: A former state employee who pleaded guilty to breaching thousands of…
900 social insurance numbers taken in Canada Revenue Agency security breach involving Heartbleed
Meghan Hurley reports: The social insurance numbers of 900 Canadians were swiped from the Canada Revenue Agency website after its Internet software was compromised by the so-called Heartbleed computer bug. Andrew Treusch, the commissioner of the Canada Revenue Agency, said in a statement the CRA has worked around the clock to implement a “patch” for…
AU: ACCC admits to personal data breach
Hannah Francis reports: The Australian Competition & Consumer Commission has apologised for a privacy breach after it left an unknown quantity of personal email addresses accessible online. The ACCC said the addresses of subscribers to its information alert services for the Recalls Australia, Product Safety Australia, SCAMwatch and ACCC Public Registers websites were “inadvertently made…