Jaikumar Vijayan reports: Nearly eight months after new rules were enacted requiring stronger protection of health care information, organizations are still leaking such data on file-sharing networks, a study by Dartmouth College’s Tuck School of Business has found. In a research paper to be presented at an IEEE security symposium Tuesday, a Dartmouth College professor…
Employee creates Smucker data exposure jam
When an employee of J.M. Smucker needed assistance on a human resources project, the employee e-mailed the data to a relative who’s a computer programmer for help. Unfortunately, although the programmer’s server is reportedly a secure server, the programmer is not an employee of Smucker’s. Smucker discovered the breach itself through its own monitoring, and…
Data stolen from NADRA office in Karachi
From the that’s-all-they-wrote dept: LAHORE: Unidentified men broke into the premises of the National Database and Registration Authority (NADRA) office at the Shah Faisal Colony in Karachi and stole some very important data, a private television channel reported on Monday. According to the channel, the thieves had sneaked into the NADRA office through a window…
Stolen server contains medical info on 40,000 eye patients
OCR added a few more breaches to its list. Two were covered earlier today on PHIprivacy.net, but the third one, added later in the day, affected 40,000 people: Silicon Valley Eyecare Optometry and Contact Lenses State: California Approx. # of Individuals Affected: 40,000 Date of Breach: 4/02/10 Type of Breach: Theft Location of Breached Information:…
DIA official says privacy, security different for cloud
Stephen Bell reports: The government may have to make sacrifices in such treasured concepts as privacy and sovereignty, so that public sector organisations can take advantage of the “convenience” of the cloud, says a Department of Internal Affairs (DIA) project manager. Adam Stapleton is managing a project for DIA’s Government Technology Services (GTS) arm, to…
Study: One group responsible for 2/3 of all phishing attacks
The Anti-Phishing Working Group (APWG) recently released its report, Global Phishing Survey: Trends and Domain Name Use in 2H2009. From the Overview: Phishing has always been attractive to criminals because it has low start-up costs and few barriers to entry. But by mid-2009, phishing was dominated by one player as never before—the ―Avalanche‖ phishing operation….