Anthony Skeens reports a settlement in a lawsuit that I don’t recall seeing before: A settlement has been reached in a lawsuit against the state for exposing employee personnel information to Pelican Bay State Prison inmates. The settlement last week came after five years of litigation stemming from two incidents in 2006 when the prison…
TSP head expresses regret over cyberattack
Kellie Lunney reports that the recent TSP breach has inspired at least one Senator to try to require all federal agencies to have a breach notification policy in place. You’d have thought they would have one already, wouldn’t you, but apparently not…. The head of the Thrift Savings Plan expressed regret on Tuesday over not…
Data breaches up 19 percent, GAO reports
Federal data breaches jumped 19 percent last year, the Government Accountability Office said Tuesday. There were roughly 13,000 incidents reported by agencies in 2010 involving unauthorized disclosures of personally identifiable information — last year, that figure shot up to 15,500, Greg Wilshusen, GAO’s director of information security issues, told the Senate subcommittee on government management…
Privacy commissioner ‘deeply disturbed’ by Election Ontario’s handling of voter data
Caroline Alphonso reports: Elections Ontario ignored security measures and went right back to using memory sticks without enabling the encryption software just days after personal information of as many as 2.4 million voters – contained on two USB keys without the necessary safeguards – vanished from one of its warehouses, the province’s privacy commissioner charged….
OHSU says data about some patients and employees stolen in a home burglary
Oregon Health & Science University Hospital officials have posted a notice on their web site. While most of the notice concerns patient information, it appears that almost 200 employees had their Social Security Numbers on the stolen USB drive. OHSU has set up a toll free number to respond to patient questions. Information stored on…
Recent Developments — Both in the Courts and in Congress — on the Scope of the Computer Fraud and Abuse Act
Orin Kerr writes: I’ve blogged a lot on the scope of the Computer Fraud and Abuse Act, and specifically on whether using a computer in violation of a computer use policy or Terms of Service is a federal crime. I’ve been banging the drum urging courts to adopt a narrow interpretations of the Act for a decade,…