An indictment unveiled in New York today concerning a huge Medicare fraud scheme reveals how both medical professionals and patients may have their identities stolen in furtherance of fraud. And in this case, a data breach years ago provided much of the identity information needed. William K. Rashbaum and Michael Wilson report: An Armenian-American crime…
Category: Of Note
Cancer researcher fights UNC demotion over data breach (updated)
Gregory Childress reports that a data breach had significant consequences for a researcher. Because I don’t recall ever seeing such consequences before, I think this is pretty newsworthy: A UNC cancer researcher is fighting a demotion and pay cut she received after a security breach in the medical study she directs. Bonnie Yankaskas, a professor in…
Former Employee of Fannie Mae Contractor Convicted of Attempting to Destroy Fannie Mae Computer Data
Ah, the risks of disgruntled terminated employees. A federal jury convicted computer programmer Rajendrasinh Babubhai Makwana, age 36, of Montgomery County, Maryland, yesterday of computer intrusion arising from the transmission of malicious script to Fannie Mae’s computer servers. The verdict was announced by United States Attorney for the District of Maryland Rod J. Rosenstein and…
Canadian Privacy Commissioner troubled by poor computer disposal practices and lack of controls for wireless devices in government
The federal government’s use of handheld communications devices and its practices for disposing of unneeded paper documents and surplus computers could expose the personal information of Canadians to unauthorized disclosure, Privacy Commissioner of Canada Jennifer Stoddart has warned. The findings, stemming from two separate privacy audits conducted by the Office of the Privacy Commissioner of…
Ireland: Company directors could be held liable for data breaches
Dick O’Brien reports: A leading security expert at Eircom has warned that company directors could soon be held liable for the loss of sensitive information through security breaches. Paul Dwyer, security GRC principal at Eircom, said that once the Irish government transposed the international Convention on Cybercrime into law, directors could be prosecuted if it…
Verizon PCI DSS Compliance Study: breached entities 50% less likely to be compliant
A new report from Verizon Business shows that following industry security standards can dramatically reduce such incidents. In a first-of-its-kind “Verizon Payment Card Industry Compliance Report,” the company examined compliance with the Payment Card Industry Data Security Standard (PCI DSS), which was created in 2006 to protect cardholder data and reduce credit card fraud. Company…