Anonymous/AntiSec/LulzSec has released two data dumps: one from the California Statewide Law Enforcement Association and one from the New York State Association of Chiefs of Police. Both dumps appear to include names, email addresses and passwords for members as well as some mail spools. The passwords appear to be MD5, and some have already been…
Category: Government Sector
New York City Public Advocate notifies web site submitters of security breach, but did they downplay its scope?
It felt like an exercise in futility, but on Christmas Day, I started making phone calls to alert the NYC Office of the Public Advocate that their database had been hacked and personal and sensitive information of those seeking assistance had been exposed. No one ever called me back, but having provided specific details to…
Office of the New York City Public Advocate Hacked
Okay, this is bad. So bad that if it had been published before I wrote my “worst breaches of 2011” post, it would have probably made the list. The Office of the New York City Public advocate was hacked and the entire database appears to have been dumped, including thousands of pages of highly personal…
Virginia database with Social Security numbers available to public for 10 years
Steve Contorno reports: A state database containing sensitive information, including more than 600 Social Security numbers, was available to the general public through the Virginia Department of General Services website since 2001. The department announced Friday that the site is now secure, and it is notifying affected individuals. The state does not believe the sensitive…
Step up Social Security number protection, OIG says
Alice Lipowicz reports: The Social Security Administration should do more to protect against identity theft by increasing security controls on Social Security numbers and programs, according to two new federal audits. One of the audits targeted the millions of SSN printouts distributed by the agency each year, which have much looser security controls than Social…
NZ: WINZ staff fired for breaching client privacy
Ian Stewart reports: Five South Auckland Work and Income staff have been fired for inappropriately accessing clients’ files. The employees, all from the Manukau office, were fired for accessing information on family and friends. WINZ said there were “many breaches” by the staff and a national investigation has now been launched. Read more on Nelson…