A commendable over-abundance of caution?
Personal data of 15,000 TWU students made vulnerable
By Pegasus News wire Friday, December 22, 2006
In the wake of this recent potential personal data nightmare at UT Dallas, comes one at Texas Woman's University. From a school release:
Texas Woman’s University is notifying approximately 15,000 students that their personal data has been exposed to potential identity theft.
The personal data of all students who were enrolled at TWU in the calendar year 2005 was exposed. The personal data includes names, addresses and Social Security Numbers. This exposure affects the university’s three campuses in Denton, Dallas and Houston.
University officials discovered earlier this week that IRS 1098-T Tuition Statement data for 2005 was transmitted to an outside vendor via a non-secure connection. The data was briefly exposed only during transmission and is now secure.
No detail, but certainly computer related...
Personal Info. of Faculty and Students Appeared on Yahoo
December 22nd, 2006 @ 9:31pm
(KSL News) -- A security breach at Utah Valley State College has potentially left thousands of students and faculty at risk.
Personal information, including Social Security numbers, started to show up on Yahoo's search engine in November. The information has since been removed from UVSC's servers.
The compromised data pertains only to Distance Education instructors and students enrolled in UVSC courses between January 2002 and January 2005.
Not all faculty and students during that time were affected.
Not a computer issue?
Bank says customer data may have been stolen
BY PETER HULL The Post and Courier
Bank of America, one of the region's largest financial institutions, said this week that Social Security numbers and other information about an undisclosed number of its Charleston-area customers may have been stolen.
The Charlotte-based financial giant declined to say how many people were affected or what areas they live in, but it said it has notified all of them of the suspected breach in writing.
The ill-gotten personal information also includes names, addresses and telephone numbers, the company said.
Bank of America said it is working closely with law enforcement officials as part of an ongoing investigation.
"The security of clients' information remains a key priority for us," said company spokeswoman Nicole Nastacie.
In a letter to a Charleston customer dated Dec. 14, the bank said that it "recently learned that some of your personal information may have been obtained by unauthorized persons for the purpose of engaging in fraudulent activity."
An unidentified former contractor for Bank of America is believed to be responsible, according to the letter.
Dumpster diving is alive an well... I wonder what they were looking for?
Personal Info On Dozens Of Ballplayers Taken From Dumpster
POSTED: 9:03 am EST December 22, 2006 UPDATED: 9:07 am EST December 22, 2006
CLEVELAND -- Former Indians player Jim Thome is one of close to 90 major leaguers whose identity could be at risk.
SFX Sports represents some of the biggest names in a variety of sports, and police said 38-year-old David Dright went through a Dumpster outside the agency's Northbrook, Ill., office and recovered personal information on 80 to 100 Major League ballplayers.
"He was actually going through trash receptacles or Dumpsters and recovered numerous paperwork, documents, things like that," [How descriptive... Bob] said Detective Adam Hyde, of the Lincolnshire police.
Police weren't looking for the ballplayers personal documents when they searched Dright's Chicago apartment but knew what they had once they found them.
An attorney for SFX said they will work with their clients to ensure no identities were compromised, and Illinois police are doing the same.
"We've been in contact with Major League Baseball, also the Major League Baseball Players' Association, and we've also contacted some of the players individually," said Detective John Anderson.
Police said it appears that Dright attempted to get credit cards using the identities of at least two players. The extent of the fraud won't be known until police can process Dright's computer.
If its good enough for Her Majesty....
Podcasting gets U.K. royal seal of approval
Queen's speech will, for the first time, be available as video and audio downloads from the BBC's Web site
By Nancy Gohring, IDG News Service December 22, 2006
... This year for the first time Queen Elizabeth II's Christmas speech will be available as a podcast.
... Interested listeners can sign up for the Royal Podcast now and will receive the latest episode, the Christmas speech, at the time of the broadcast.
Another “secret regulation” bites the dust?
Court Not Buying FCC's Claims Over Indecency Fines
from the where-are-the-parents? dept
As many of you are aware, the FCC in the last few years has spent an awful lot of time on television indecency issues -- though they seem to do so not because of any real offense, but because certain family groups flood the FCC with complaints, often long after a TV show actually aired. The FCC refuses to give TV broadcasters any guidelines or preview any content, noting that that would be "censorship." Instead, they give vague guidelines and will only fine you if you fail to meet the hidden standards. The networks are fighting back in court, and it looks like the FCC isn't looking very good so far. In court hearings yesterday, the 3-judge panel blasted the FCC on a variety of points, noting that their hidden standards are really no different than censorship -- and, if anything, are worse, because it's just a game of "gotcha." However, even more to the point, the judges questioned why the FCC feels the need to take over the parents' role in policing what children see on TV, noting that it's the parents' responsibility to monitor what their kids watch. Basically, they say that if parents are worried about what kids are watching in their bedrooms, the parents shouldn't allow TVs in kids' bedrooms. In other words, it's the parents' responsibility to protect the children, not the government's. The judges also point out how silly it is to hold a separate standard for broadcast TV (the only thing the FCC really has the authority to regulate), when there's so much more on cable and satellite which the kids are probably watching anyway. While that could just open up the FCC to pushing for greater authority over cable and satellite TV (as some politicians would like), it's worth remembering that the FCC's mandate is only over public airwaves -- not private ones, and any change would face tremendous resistance. While the case is still ongoing, it certainly looks like the court took a pretty hostile view to the FCC's usual reasons for fining broadcasters over indecency.
I'd like to see this booklet. Perhaps it could be translated into a guide for the rest of us?
Guidebook Designed to Help Judges Protect Their Personal Privacy
"Protecting Your Personal Privacy," a collaborative effort of The Center for Information Technology and Privacy Law at The John Marshall Law School and the Chicago Bar Association (CBA), is an easy-to-read informational booklet that has been distributed to all federal judges in the 7th Circuit, and now is being distributed to other federal circuits as well as state court judges.
(Vocus/PRWeb ) December 22, 2006 -- The desire to protect judges and their families from the wrath of the public outside of the courthouse has led to the publication of a 20-page guide that offers tips on how best to protect one's privacy.
"Protecting Your Personal Privacy," a collaborative effort of The Center for Information Technology and Privacy Law at The John Marshall Law School and the Chicago Bar Association (CBA), is an easy-to-read informational booklet that has been distributed to all federal judges in the 7th Circuit, and now is being distributed to other federal circuits as well as state court judges. The booklet has been made available to the families of judges through the Judicial Family Institute and is also available to the general public. [I haven't found it yet. Bob]
"It has been very well received said Collins T. Fitzpatrick, circuit executive for the U.S. Court of Appeals, 7th Circuit. "It's a terrific help to anyone who follows it."
"A series of events, starting with the murders of family members of U.S. District Court Judge Joan Humphrey Lefkow, raised awareness of both physical and informational security and safety for judges and their families," said the booklet's chief author Leslie Ann Reis, director of the Center for Information Technology and Privacy Law.
The CBA called together members of the federal and state judiciary, academics and leading practitioners to propose ways judges and their family members could protect their security and safety.
Committee members initially were "shocked" by the amount of information available on judges and the vulnerabilities created by the misuse of that information, Reis said. The booklet is meant to empower judges by outlining ways that personal information can be protected from public availability by limiting the amount of one's personal information that is put into the public domain.
"We found there was no real guidance out there that would allow judges to proactively protect their privacy," Reis said. "Our approach (in developing the booklet) was how to keep the information from getting into the public domain in the first place, rather than legislating and criminalizing the disclosure of information.
"Availing yourself to the conveniences of modern-day living involves giving up a certain amount of privacy. We aren't telling judges what to do. What information you share and with whom is a cost benefit analysis that everyone has to make for themselves," she noted.
Reis, who has been studying and teaching privacy law the past 10 years, said the booklet is "helping to raise awareness among the judges of the potential dangers, and empowering them to make reasoned uses of their personal information."
The booklet has suggestions as simple as not providing information for directories or product rebates, to the more detailed outlines, including creating land trusts so that personal information is not tied to real estate transactions in the public record.
"We all know the benefits of technology. What needs to be decided is how much personal information you're willing to exchange to gain those benefits," Reis said. "If you follow the tips we give, you'll have the tools to make a reasoned decision."
Vista Exploit Surfaces on Russian Hacker Site
December 22, 2006 By Ryan Naraine
Proof-of-concept exploit code for a privilege escalation vulnerability affecting all versions of Windows—including Vista—has been posted on a Russian hacker forum, forcing Microsoft to activate its emergency response process.
Mike Reavey, operations manager of the Microsoft Security Response Center, confirmed that the company is "closely monitoring" the public posting, which first appeared on a Russian language forum on Dec. 15. It affects "csrss.exe," which is the main executable for the Microsoft Client/Server Runtime Server.
... "While I know this is a vulnerability that impacts Windows Vista I still have every confidence that Windows Vista is our most secure platform to date," [How sad... Bob] he added.