Highlights from the GAO Report, “INFORMATION SECURITY: VA Needs to Address Long-Standing Challenges (GAO-14-469T): The Department of Veterans Affairs (VA) continues to face long-standing challenges in effectively implementing its information security program. Specifically, from fiscal year 2007 through 2013, VA has consistently had weaknesses in key information security control areas (see table). Control Weaknesses for…
Sorenson Communications notifying employees after breach at payroll vendor’s
I’ve recently seen a number of reported breaches involving unnamed payroll vendor(s). I wish notification letters would name the breached vendor(s) so we’d know if it’s the same vendor or if a bunch of payroll vendors have recently been successfully attacked. Today’s report is from Sorenson Communications, who notified U.S. Sorenson Communications and CaptionCall@ employees that…
Michaels Stores: two months later, no update?
On January 25, Michaels Stores issued a statement that began: Michaels Stores, Inc. (the “Company” or “Michaels”) recently learned of possible fraudulent activity on some U.S. payment cards that had been used at Michaels, suggesting that the Company may have experienced a data security attack. The Company is working closely with federal law enforcement and is conducting an…
WA: Gig Harbor psychologist suspended over laptop theft must be evaluated before practicing again
Stacia Glenn reports: A Gig Harbor psychologist who failed to immediately fess up that a prostitute stole his laptop with medical information about 652 state Department of Social and Health Services clients must undergo a mental health evaluation if he wants to practice again. Sunil Kakar was suspended in October on charges ranging from unprofessional…
Chicago’s Trustwave sued over Target data breach
Ooh. Trustwave has been sued for their role in the Target breach. The plaintiffs in the potential class action lawsuit are Green Bank and Trustmark Bank John Pletz reports: Although the most serious allegations are leveled at Target, the suit alleges that Trustwave failed to identify deficiencies in the retailer’s IT systems. Trustwave’s software audits companies’ IT systems…
AU: Doubts over computer hacker case
JoAnne McCarthy reports: An alleged computer hacker described last year as a ‘‘considerable risk to society’’ could apply to have all charges against him dismissed after questions about the case against him and the ‘‘guns blazing attitude’’ of police. Matthew Flannery, 24, of Point Clare, was allegedly an international hacking group leader when he was…