Nicole Hasham reports: Former immigration minister Scott Morrison presided over an “unfair” investigation that ensured asylum seekers were unsuccessful in showing a serious data bungle made it more dangerous to return home, the Federal Court has found. The privacy breach, when the Immigration Department published online the confidential details of almost 10,000 asylum seekers, raised the prospect that…
Category: Of Note
Central New Mexico Community College student information possibly compromised (Updated)
KOAT reports: Thousands of Central New Mexico Community College students could be at risk of having their personnel information compromised. The college said someone from the health center reported in July that a thumb drive with students’ birth dates and Social Security numbers was missing. The college does not know what happened to it. Read more…
Comcast penalized $33 million by PUC for privacy breach
George Avalos reports: State regulators on Thursday approved a $33 million settlement with Comcast in connection with an unauthorized disclosure of unlisted names, phone numbers and addresses of 75,000 of the telecommunications giant’s customers. The names, phone numbers and addresses of the unlisted and non-published customers became available on Comcast’s online director (sic), in one…
Oops! Error by Systema Software exposes millions of records with insurance claims data and internal notes (Update3)
Insurance carriers, third party administrators (TPAs), and self-insureds had claims data exposed when a cloud-hosted claims management service inadvertently left their databases and files unprotected on a public server. Another week, another infosecurity failure that exposed oodles of personal information. This time, it’s a leak that not only exposed insurance claims data, but allegedly included internal documents that reveal how…
US-CERT’s do’s-and-don’ts for after the cyber hack
Jason Miller reports that US-CERT is offering best practices for after an attack. Here’s a bit of what he reports: Hacked organizations shouldn’t automatically initiate reactive measures to the network without first consulting incident response experts. Barron-DiCamillo said US-CERT and a host of other companies do incident responses for a living as opposed systems administrators…
DoD Issues Interim Rule For Contractors on Incident Reporting and Cloud Computing Services
Joe Lazzarotti writes: Government contractors have a wide range of unique challenges (find out more about these here), not the least of which is data security. A good example is the interim rule the Department of Defense (DoD) issued last month that implements sections of the National Defense Authorization Act for Fiscal Years 2013 and…