Kim Zetter writes: An internet-based voting system that was hacked last week by researchers at the University of Michigan stored its database username, password and encryption key on a server open to attack. Alex Halderman, a computer scientist at the university, has detailed the vulnerabilities and hacking techniques his students used to completely control the system…
Category: Government Sector
Canadian Privacy Commissioner troubled by poor computer disposal practices and lack of controls for wireless devices in government
The federal government’s use of handheld communications devices and its practices for disposing of unneeded paper documents and surplus computers could expose the personal information of Canadians to unauthorized disclosure, Privacy Commissioner of Canada Jennifer Stoddart has warned. The findings, stemming from two separate privacy audits conducted by the Office of the Privacy Commissioner of…
Hackers Steal $600,000 from Brigantine, NJ
Brian Krebs reports: Organized cyber thieves took roughly $600,000 from the coastal city of Brigantine, New Jersey this week after stealing the city’s online banking credentials. The break-in marks the second time this year that hackers have robbed the coffers of an Atlantic County town: In March, a similar attack struck Egg Harbor Township, N.J., which lost…
Higher Damages Possible in Prison Privacy Breach Lawsuit – Court
Courthouse News reports on the latest legal development in a lawsuit that started with a privacy breach in 2001 involving employees at the Federal Medical Center in Kentucky: Staff members at a prison hospital in Kentucky might be entitled to more than $1,000 each for the breach of privacy that occurred when a federal investigator…
When is three years of free credit monitoring still not enough?
How quickly times change. It seems like only a few years ago that we thought it newsworthy that a breached entity would offer a year of free credit monitoring. Then it became newsworthy when they offered two years. Then it became newsworthy when they didn’t offer any free services. Now some retirees in Delaware are…
Confidential files found in drug raid were ‘job applications, Victoria Police
Earlier today I read an article on a security breach involving the Australian Security Intelligence Organization (ASIO). During a drug raid in Melbourne, the police had discovered intelligence and police files. Believing that it was a security breach involving intelligence but not necessarily PII, I didn’t cover it here. Now it turns out that the…