Oh dear, yesterday must have been Friday... Apparently this bank has not learned from previous incidents.
http://www.miami.com/mld/miamiherald/15365554.htm
Posted on Fri, Aug. 25, 2006
Bank warns customers personal data may have been breached
Associated Press NEW BEDFORD, Mass.
Sovereign Bank is warning thousands of customers that their personal data may have been stolen along with three managers' laptops taken earlier this month in Massachusetts.
Bank officials said fewer than 1 percent of customers [Trivialize, trivialize, trivialize... Bob] in the New England and Mid-Atlantic area may have been affected, the Standard-Times of New Bedford reported.
"There's no information any of the accounts have been compromised," bank spokesman Carl Brown told the newspaper. He would not say how many letters were sent to customers Aug. 21, but said it was in the thousands.
"We do consider this as a serious matter; we want to do everything we can," Brown said. "Police are investigating, and we're conducting our own internal investigation."
Brown said the laptop computers used by branch managers and other managerial staff included unspecified personal information but not account information.
The letter sent to customers indicated bank officials "strongly believe" the personal files were deleted before the thefts. It says the bank has programmed a flag into its systems that will notify employees if the personal information of a particular customer may have been affected. [Horses**t! Bob]
Brown said the computers, taken from vehicles at two locations [Someone should mention to employees that leaving a laptop visible in your car increases the odd it will be broken into... Bob] in Massachusetts he declined to identify, have not been recovered and there are no leads in the case. He said extra precautions have been taken regarding laptops since the thefts.
A New Bedford customer who received a letter said he wasn't concerned.
"I'm just mad, really," David Brenneke said. "The personal information shouldn't be on laptop computers. It's kind of ridiculous." [When customers know more about how security should work than you do, you have problems! Bob]
Philadelphia-based Sovereign Bank serves primarily the Mid-Atlantic region and New England. It has approximately 800 branches.
Yep, yesterday was “Let's tell our customers we screwed up by whispering where they won't hear us” day... (You lawyers can think of it as the PR version of fine print.)
http://news.com.com/2100-1029_3-6109883.html?part=rss&tag=6109883&subj=news
Verizon gaffe lets customer details slip
By Joris Evers Story last modified Fri Aug 25 17:56:28 PDT 2006
Verizon Wireless this week accidentally distributed a file with limited details on more than 5,000 customers outside the company, potentially giving identity thieves a toehold.
The Microsoft Excel spreadsheet file was e-mailed on Monday and includes names, e-mail addresses, cell phone numbers and cell phone models of 5,210 Verizon Wireless customers, going by a copy of the file obtained by CNET News.com. [So did Verizon give them a copy or did they get it from an emailee Bob] All of the customers have Motorola Razr phones, according to the spreadsheet.
The spreadsheet was inadvertently sent to about 1,800 people, all Verizon Wireless subscribers, according to a follow-up e-mail apologizing for the gaffe that the mobile carrier sent on Thursday. The Excel file was attached to an ad for a Bluetooth wireless headset, instead of the electronic order form that was supposed to be sent.
... It said that it has already implemented additional quality control procedures and process improvements to prevent a re-occurrence. [If they have already been implemented they are trivial, if they are trivial why weren't they in place long ago? Bob]
A Verizon Wireless representative confirmed the incident, but could not immediately provide specific details when reached Friday afternoon.
The information in the document is limited and does not immediately expose those listed to fraud, the company said in its apology. Yet it recommends that people affected review their bills more carefully and add a password to their account [This ship is unsinkable, but you might want to get into your lifejacket and stand close to the lifeboats... Bob] by calling 1-866-861-5096.
While the privacy breach in no way makes identity theft automatic, [Wow, what a very “PR” phrase. Bob] it helps put a clever fraudster in the starting blocks, said James Van Dyke, the principal analyst at Javelin Strategy & Research in Pleasanton, Calif., which tracks identity fraud.
"To commit ID fraud, you must do several things well. This just makes the job slightly easier," he said. For example, with this list in hand, a fraudster could call the listed numbers, pretend to be a Verizon Wireless representative and ask the subscriber for information to update the account.
One Verizon Wireless customer whose details were included in the file said he was upset about the flap. "Someone just got incredibly careless sending out a sales e-mail," said Frank Donley of Fresno, Calif. "With all the privacy incidents you read about recently, I should feel relieved that my credit card number, Social Security number or some other secure info wasn't released." [When customers know more about how security should work than you do, you have problems! Bob]
Here is another attempt to convince us that they can definitely tell when data has been accessed. If they want to convince me, let them guarantee to reimburse everyone (me, the retailers, and the credit card companies) if my identity is stolen.
It's back: Stolen Beaumont Hospitals laptop recovered
Linda Rosencrance August 24, 2006 (Computerworld)
Beaumont Hospitals today announced the recovery of a laptop missing since Aug. 5, when a home care nurse's car was stolen in Detroit.
The computer's hard drive was examined by an independent forensic computer expert, who determined that patient information on the computer was not accessed during the time it was missing, according to the hospital.
"We are so relieved to recover the laptop so that we can put our patients' minds at rest," Chris Hengstebeck, director of security at Beaumont Hospital in Troy Mich., said in the statement. "And we are relieved that no one's personal or medical information was accessed."
A resident of the area where the laptop was stolen called Hengstebeck after hearing news reports on Tuesday about the theft. The information led to the laptop's recovery, and Beaumont is giving the anonymous resident a $2,500 reward.
The computer, which contains personal and health information of 28,000 home care patients served during the three years leading up to Aug. 5, 2006, was in the nurse's bag in the back seat of her car when the auto was stolen.
The laptop does not contain information on inpatients or other outpatients of the Michigan hospitals, and the centralized registration and medical records of Beaumont were never at risk from this theft, according to Beaumont. The computer contains only information related to home care patients, including patients' names, addresses, birth dates, medical insurance information, Social Security numbers and personal health information related to their home care services, the hospital said.
Home care laptop computers are encrypted and password protected. In this instance, the nurse was a new employee in orientation, and her ID access code and password were taped to the computer when it was taken, [Please don't try to convince me passwords provide protection... Bob] according to the statement.
Hengstebeck said the home care nurse and her direct supervisors are no longer working at the facility because of the incident. [They should get lawyers. Were the disciplined because the car was stolen? Booo Bob] In addition, home care laptops have been inspected and computer security and password procedures are being reiterated with all Beaumont staff.
No privacy issues here! (These aren't the droids you want...)
http://www.eweek.com/article2/0,1759,2008340,00.asp?kc=EWRSS03119TX1K0000594
VeriChip Sells First Baby Protection System, in Talks with Military
By Renee Boucher Ferguson August 25, 2006
Updated: The maker of human-implantable RFID chips makes its first sale of its infant protection, wander prevention and staff duress system to a Canadian hospital and is discussing testing its implantable chips in two military branches.
VeriChip, the company that makes human-implantable RFID chips, is looking to span its equipment from newborns to the military's enlisted. [Willing to wait 18 years? Bob]
The company announced Aug. 24 that it has made the first sale of its infant protection, wander prevention and staff duress system to the Brampton Civic Hospital in Brampton, Ontario.
This could make life interesting... Suppose they just start issuing frequent (daily?) updates – to which you must subscribe, and then refuse to support anyone who had a problem but wasn't current on the updates.
http://slashdot.org/article.pl?sid=06/08/26/0741239&from=rss
Vista the Last of Its Kind
Posted by Zonk on Saturday August 26, @07:19AM from the vanishing-breed dept.
An anonymous reader wrote to mention a TechWorld story about Windows Vista. According to the Gartner Group, Windows Vista is likely to be the last of its kind. "The problem is that the operating system's increasing complexity is making it ever more difficult for enterprises to implement migrations, and impossible for Microsoft to release regular updates. This, in turn, stands in the way of Microsoft's efforts to push companies to subscription licensing. The answer, according to Gartner, is virtualization, which is built into newer chips from Intel and AMD, and has become mainstream for x86 servers through the efforts of VMware." Speaking of Vista, C|Net reports that a new release candidate is on the way. The average tester should expect it by the end of September.
Not exactly personal information, but the techniques are the same.
http://www.informationweek.com/news/showArticle.jhtml?articleID=192300409
Microsoft Unhappy With Release Of Lighthearted Training Video
The 37-minute video was only for internal use, but somehow got released on the Web.
By Antone Gonsalves TechWeb Aug 25, 2006 03:26 PM
Microsoft on Friday was unhappy with the online release of a training video that was made to look like an episode of the popular British comedy "The Office," and featured the show's star and creator Ricky Gervais.
Microsoft in the United Kingdom made the 2004 video as a fun way to instruct people on how not to act at work. The 37-minute video was only for internal use, but somehow got released on the Web.
... "These videos were produced for internal use and were never intended to be viewed by the public."
Microsoft was trying to determine how the video was released, the spokesperson said.
Remember, it's the spam that's illegal not the touting of stocks...
http://it.slashdot.org/article.pl?sid=06/08/25/1821256&from=rss
Buy Low, Spam High
Posted by Zonk on Friday August 25, @03:24PM from the anything-for-a-buck dept.
An anonymous reader writes "A recent study on spam has revealed that spammers see a return between 4.9% and 6% [Not bad if you can do it every month... Bob] when selling stocks they have bought low and spammed the world with." From the article: "The researchers say that approximately 730 million spam e-mails are sent every week, 15% of which tout stocks. Other estimates of spam volumes are far higher. The study, by Professor Laura Frieder of Purdue University in the US and Professor Jonathan Zittrain from Oxford University's Internet Institute in the UK, analysed more than 75,000 unsolicited e-mails. All of the messages touting stocks and shares were sent between January 2004 and July 2005."
Could she be this petty... uh... I withdraw the question.
http://blog.washingtonpost.com/securityfix/2006/08/paris_hilton_accused_of_phone.html
Paris Hilton Accused of Phone Phreakiness
... So says SpoofCard.com, a company that offers "spoofing" services that let people fake the number that appears in the recipient's caller ID display. The company's lawyer, Mark Del Bianco, says Hilton was among some 50 customers whose accounts were suspended for allegedly using Spoofcard's service to break into other peoples' voice mail accounts and listen to their private messages or alter their outgoing messages. Spoofcard said it discovered the violation "while reviewing its customer call records for evidence of fraud and other prohibited conduct."
http://www.technewsworld.com/rsstory/52633.html
The Battery Recalls: Frequently Asked Questions
By Michelle Kessler USA Today 08/25/06 8:42 AM PT
... Apple and Dell both announced large laptop battery recalls this month. Here are answers to some common customer questions:
Think of this an an electronic version of the sideshow barker (e-barker?)
http://www.technewsworld.com/rsstory/52649.html
CBS to Use Bluetooth to Beam TV Clips to Passersby
By Keith Regan www.EcommerceTimes.com Part of the ECT News Network 08/25/06 2:12 PM PT
Very impressive tour of a modern data center. You should see this video!
http://news.com.com/1606-2_3-6109900.html?part=rss&tag=6109900&subj=news
Video: See where the Internet lives
Take a tour of the data warehouse for the Web
Equinix is responsible for holding massive amounts of data, including storage for popular sites like MySpace.com. Take a tour of the facilities, and see how much energy it takes to keep the Web alive. CNET News.com's Neha Tiwari reports.
So how would a non-governmental entity (a private eye) be able to trace through a secure system where the FBI can't?
http://techdirt.com/articles/20060825/131234.shtml
Note To Fugitives: Stay Off Of Skype
from the man-on-the-run dept
We reported last week about Kobi Alexander, the ex-CEO of Comverse, who's gone on the lam to avoid charges relating to a stock-options scam. Now, he's apparently been tracked down in Sri Lanka -- by a private eye hired by a venture capital company, who was able to trace him to a fishing village by tracking a call he made to relatives over Skype. It's not clear it's done much good, as the FBI just says it's checking out the report, while rumors say Alexander's already ditched Sri Lanka, perhaps for some place where it's a little harder to get extradited. In any case, one of Skype's selling points is its "security" -- but as is pointed out on Bruce Schneier's site, there's a big difference between the encrypting of calls Skype does, and a system that offers anonymity, as Alexander has presumably discovered.
Gee willikers, you don't suppose they've done this before?
http://techdirt.com/articles/20060825/120054.shtml
FCC Acts Concerned About Telco Doublespeak
from the please-provide-more-doublespeak dept
We've discussed this week how both Verizon and BellSouth were adding on new "regulatory fees" or "supplier surcharges" that almost exactly matched the Universal Service Fund fees they were no longer required to collect for DSL service. In both cases, the companies tossed out a bunch of meaningless doublespeak about why those fees were legitimate, and weren't just a way to take the money that had previously gone to the useless USF and pocketing it themselves. It was especially egregious since the telcos had lobbied the FCC to get rid of those fees, claiming it would benefit consumers. With so much attention, it appears that the initial doublespeak is a little confusing to the FCC as well, and they've now asked for a bit more info from both telcos, suggesting that these new fees may violate "truth in advertising" laws. Of course, seeing as the telcos seem to have an extra special relationship with the FCC leadership these days, it's unlikely that this new investigation will result in anything.
This all hinges on the definition of “large sum” which I believe is best defined as “How much you got on you?”
http://hammeroftruth.com/2006/08/24/united-states-of-america-v-124700-in-us-currency/
U.S. v. $124,700 in U.S. Currency
No really, that’s the name of the case.
The Eighth Circuit Appeals Court recently ruled that police may seize cash from motorists, citing that “possession of a large sum of cash is ’strong evidence’ of a connection to drug activity.” [So can I sue my bank? Bob] The case, in which Emiliano Gomez Gonzolez — a man with a “lack of significant criminal history” — was caught with the “crime” of having too much cash on him, so they confiscated it, and apparently pressed charges against the money itself and took it to court.
Says Radley Balko:
Gonzolez was never even charged with a drug crime, much less convicted. Which means the prosecutors didn’t even have enough evidence to bring the case to trial. Yet the state still took the man’s $125,000, money he had a pretty respectable explanation for, complete with witnesses. That’s not even mentioning the fact that in a free society, a man never charged with a crime shouldn’t have to vouch for the legitimacy of the money he’s carrying, no matter how he happens to be carrying it.
Dead presidents have no rights.
They start training these terrorists early.
http://psp3d.xhardwarereviews.com/index2.php?page=Hacking%20Wireless%20Networks%20With%20The%20PSP
Hacking Wireless Networks With The PSP
Is the PSP spurring a new generation of safety concerns?
August 24th, 2006 By Robert A.
No comments:
Post a Comment