Barnini Chakraborty has an update on the Veterans Administration e-benefits website breach reported here recently: The VA issued a statement Friday afternoon acknowledging the “software defect.” “VA took immediate action upon discovering the software defect and shut the eBenefits system down in order to limit any problems,” the agency said. It also said that the…
Category: Government Sector
Insecure healthcare.gov allowed hacker to access 70,000 records in 4 minutes
Darlene Storm reports: When it comes to the atrocious state of HealthCare.gov security, white hat hacker David Kennedy, CEO of TrustedSec, may feel like he’s beating his head against a stone wall. Kennedy said, “I don’t understand how we’re still discussing whether the website is insecure or not. It is; there’s no question about that.” He added,…
Air Force: Changes to PII breach reporting, notification processes
In December, we saw the Scott Air Force Base in Illinois reminding people of the importance of protecting PII. Now it’s the Robins Air Force Base in Georgia sending out the message. Their announcement includes some interesting information: You will be identified; your account will be locked; and your wing commander or equivalent, will be…
UK: Will the ICO hold anyone responsible?
Jon Baines raises some interesting points in his discussion of a UK case where charges against police officers for violating the Data Protection Act were dropped in light of questions about whether they had ever been adequately trained to understand their responsibilities. Jon asks whether that situation should trigger an investigation by the Information Commissioner’s…
FL: Ex-clerk from Broward gets three years in ID theft case
There’s an update to an insider breach for tax refund fraud case involving a Broward County Court clerk, reported previously on this blog: A former employee of the Broward Clerk of Courts was sentenced Friday to three years and a day in federal prison after she pleaded guilty to federal identity theft charges. Porscha Kyles,…
SC: Employee Fired in Security Breach Sues State
Robert Kittle reports a development in a breach previously noted on this blog: A new development in the security breach at the South Carolina Department of Employment and Workforce. The SCDEW employee fired for accusations she downloaded more than 4,600 other employees and family members has filed a civil lawsuit against the agency. Read more on WLTX.