Jan Murphy reports: Last week, Pennsylvania’s chief information security officer Robert Maley was at an information security conference in San Francisco talking about a hacking incident involving PennDOT’s computers. This week, Maley is gone. […] Danielle Klinger, a spokeswoman for the state Department of Transportation, said the agency is not aware of any hacking or…
Thrivent Financial Suffers Breach Of Security
A Great Lakes-based insurer says it has suffered a security breach that may have compromised sensitive client data. Thrivent Financial for Lutherans, Minneapolis, says it experienced a break-in at one of its offices in Pennsylvania. A laptop computer was among the items stolen. The laptop had safeguards to protect sensitive information, including strong password protection…
Wickenburg Unified School District struggles to secure sensitive student data
Pat Kossan reports that data security in the Wickenburg Unified School District was found seriously lacking in a state audit: Wickenburg Unified School District has not secured its computer system containing sensitive student data, including student addresses, birth dates and Social Security numbers, state auditors found. Staffers from the Arizona Office of the Auditor General…
Analyst Study Shows Employees Continue to Put Data at Risk
From the press release, results of the annual “Human Factor in Laptop Encryption” study by Absolute Software and the Ponemon Institute: This year’s expanded study was conducted in the United Kingdom, Canada, France, Germany and Sweden, in addition to the United States. The study found that 15% of German and 13% Swedish business managers have…
More info on the Brown University incident report
The Brown University breach, which I had just included in another blog entry this morning, now has some additional details available. Julia Kim of The Brown Daily Herald reports that Blue Cross Blue Shield of Rhode Island accidentally sent paper records of more than 500 Brown employees and their family members to another subscriber company…
Voluntary Breach Disclosure Rare But Valuable
Kelly Jackson Higgins writes: Google’s and Adobe’s disclosure in January that they had been hit by the same wave of targeted attacks were rare voluntary revelations, the likes of which may never be seen again: Most companies won’t disclose an attack unless required to by law or regulations. But security experts and forensics investigators say…