Sunday, January 28, 2007

I wonder how common it is for thieves to just take the hard drives...

http://www.jg-tc.com/articles/2007/01/28/news/news001.txt

EIU computer, IDs stolen

By the JG/T-C editorial@jg-tc.com

CHARLESTON -- Letters have been distributed to approximately 1,400 Eastern Illinois University students, notifying them that confidential information, including their Social Security numbers, was stored on a desktop computer recently stolen from the university’s Student Life office.

The stolen files include the membership rosters and other data from the university’s 23 fraternities and sororities.

According to Dan Nadler, vice president for student affairs, someone broke into the office sometime late Wednesday/early Thursday and removed the password-protected desktop computer and the hard drive and memory from two others. [Why waste time disassembling the computer? Bob] The office is located on the third floor of the Martin Luther King Jr. Union.

While the two individual hard drives contained only general correspondence, the desktop computer contained membership rosters from Eastern’s fraternities and sororities. The database contained personal information, including Social Security numbers, birth dates and addresses, of each member.

The University Police Department is continuing its investigation of the incident. Meanwhile, Nadler said, university personnel have been busy preparing and sending advisories to those whose names appear on the rosters. In addition to official notification of the incident, the letters included safety recommendations each student may take.

“Although we have no evidence that an unauthorized individual has actually retrieved and is using the data, we are bringing this theft to your attention so that you can be extra alert to signs of any possible misuse of your information,” the letter reads.

Nadler stressed that the missing information is that of students currently enrolled at the university. He credited the efforts of Norma Taylor, Greek Life secretary, for “minimizing the amount of information” stored on the stolen computer.

“She does an incredible job of purging older information from semester to semester, thus reducing the risk for breaches of information,” he said. “Former Greek Life students have no need for concern in this matter.”

In 2005, Eastern began transitioning to a campus-wide computer infrastructure which will drastically decrease the university’s use of staff and students’ Social Security numbers, and completely eliminate Social Security number use for identification purposes. That transition is scheduled to be completed in early 2008.



Does no one even look? And I guess, no one controls paper documents any more.

http://www.ksla.com/Global/story.asp?S=5996702&nav=0RY5

SHREVEPORT, LA

Used Desk Contained Names & SSNs Of Former Bank Employees

Jan 26, 2007 04:52 PM

A warning to current Chase and former Bank One employees. Your name and social security number could have been left on a spread sheet which was left on a desk bought by a Bossier City woman.

This Bossier woman who wants to remain anonymous says she bought the desk this week from a used furniture store in Shreveport. "We were cleaning it out and opened up the top drawer and noticed this big ole spread sheet with everybody's names and social security and everything else on it."

Among the things found, a note book with bank employees' names and extensions as well as a spread sheet, 165 pages long containing over 4,100 employee names and Social Security Numbers. All were inside this desk which came from inside the former Bank One which in July of 2005 became what is now Chase bank.



I've been doing a little research on the TJX situation. Here are a few interesting snippets:

http://www.boston.com/business/globe/articles/2007/01/24/filling_in_gaps_on_the_data_breach/?page=2

Q. Will this affect TJX earnings?

A. Patrick McKeever, an analyst with Avondale Partners, a Nashville investment banking firm, said there will likely be an effect in the fourth quarter, primarily on the expense line because TJX has had to bring in consultants -- IBM Corp. and General Dynamics Corp. -- to help the company install safeguards.

There probably will be a charge against earnings to set up a liability reserve. Other retailers, such as DSW Inc., that have had data breaches have seen it cost as much as $10 million. "My sense is that TJX could be bigger than what we've seen before," McKeever said.


It is probably normal year-end selling, and has nothing to do with the fact that they were about to announce a big hit to their financials... (Look at the form “4”)

http://ir.10kwizard.com/files.php?source=487

SEC Filings



One indicator we Auditors use to detect fraud is a sudden increase or decrease in the number or amount of transactions. I wonder if Cingular has ever heard of this test?

http://hosted.ap.org/dynamic/stories/C/CELL_PHONE_FRAUD?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

Jan 27, 5:21 PM EST

Fla. Retiree Wins Cell Phone Bill Fight

SARASOTA, Fla. (AP) -- A 77-year-old retiree has won a two-month battle with a cell phone company over bills for about $31,000 in calls from Nicaragua he says he never made.

Oliver DeSofi's Cingular Wireless bill from November listed more than $21,420 in roaming charges for more than 4,000 calls made from his phone from Nicaragua. When he contacted Cingular about the charges, DeSofi learned there were already $9,554 in similar charges on his next bill.

The former bank executive said his bill was normally about $150 - he has never been to Nicaragua.

"I told them this is impossible," DeSofi said.

DeSofi complained of fraud, but Cingular disagreed and tried to collect the money, the Sarasota Herald-Tribune reported Saturday.

Cingular canceled DeSofi's account, saying its fraud department did not find any problems with the account. [“...and we have a policy of never working with a customer when we can work against one.” Bob] The company reversed its decision after a Herald-Tribune inquiry on Thursday. [“We don't like stories showing our hand in the cookie jar.” Bob]

"We are researching how it was handled from beginning to end," Cingular spokeswoman Kelly Starling said.

A company representative told DeSofi that his bill had been credited the full amount and with an additional $120, which he could use if he wanted to resume service.

DeSofi said he did not plan to return to Cingular.



Why would any government agency NOT use technology that is proven effective? Also, the US has used the argument that, “other countries are doing it” to justify their using it here.

http://yro.slashdot.org/article.pl?sid=07/01/27/1947207&from=rss

The Taxman's Web Spider Cometh

Posted by kdawson on Saturday January 27, @04:20PM from the crawling-towards-an-audit dept. Privacy The Almighty Buck

Juha-Matti Laurio writes "A five-nation tax enforcement cartel has been quietly cracking down on suspected Internet tax cheats, using a sophisticated Web-crawling program to monitor transactions on auction sites and to track operators of online shops, poker, and porn sites. Austria, Denmark, Great Britain, and Canada have joined The Netherlands in pursuing the 'Xenon' program with the assistance of an Amsterdam-based data mining company. Wired News reports that the Web crawler uses so-called 'slow search' to avoid creating excessive traffic on a site or drawing attention in the sites' server logs."

The article notes that the US IRS will neither confirm nor deny using similar technology.



Find something useful.

http://www.researchbuzz.org/wp/2007/01/27/directory-of-radio-podcasts-also-offers-directory-of-business-blogs/

January 27, 2007

Directory of Radio Podcasts Also Offers Directory of Business Blogs

Filed under: Business-Research, Net-Tech-Blogs

A little while ago I mentioned a business podcast directory called iBizRadio. It’s been brought to my attention that the same company that runs this resource also has a resource called iBlog Business, a directory of business and corporate bloggers.

... This directory apparently only accepts about 25% of the submissions that it gets — I found the listings for the most part to be pretty good, though occasionally the descriptions didn’t give enough information. You can get lists of new blogs added at http://www.iblogbusiness.com/new/index.html and a list of the most popular blogs at http://www.iblogbusiness.com/popular.html . Aaaaand FAQs for the whole shebang are at http://www.iblogbusiness.com/faq.html .


One example. Not terribly impressive because the lawyer speaking sounds like he is bored stiff and wants to finish this and go home...

http://www.njlawblog.com/

January 26, 2007 Posted By Stark & Stark

New Jersey Legal Update - Podcast # 58

This week's New Jersey Legal Update podcast will discuss the rules of civil procedure, in the state of New Jersey as well as on a federal level, relating to the issue of electronically stored information for the discovery process.

This week's New Jersey Legal Update is presented by Jason A. Storipan, member of Stark & Stark’s Employment Group.

You can download the New Jersey Legal Update Podcast # 58 here. (5.15 MB)



An unrelated blog.

http://www.privacylawyer.ca/blog/2007/01/privacy-podcasts.html

Canadian Privacy Law Blog

Thursday, January 25, 2007

Privacy podcasts

I've recently subscribed to a couple of Podcasts about privacy. There aren't many out there, but these two have been really good so far:

If you know of any good privacy podcasts, please leave the details in the comments.



Remember, blogging is dangerous.

http://digg.com/tech_news/Top_100_blogger_Subpoened_Over_Comments_In_Blog

Top 100 blogger Subpoenaed Over Comments In Blog

Jeremy Schoemaker, a Technorati top 100 blogger, has been subpoenaed to testify about comments made on his blog. This will be a case to follow and could set a precedent for who is liable for what in comments of websites.

http://www.shoemoney.com/2007/01/27/shoemoney-you-just-got-served/



http://www.technewsworld.com/rsstory/55417.html

E-Learning Software Patent Under Scrutiny

By Katherine Noyes LinuxInsider Part of the ECT News Network 01/27/07 4:00 AM PT

The U.S. Patent and Trademark Office announced Thursday that it will re-examine a patent held by e-learning software company Blackboard. The Software Freedom Law Center, an open source software group, made the request in November on behalf of three open source educational software programs, citing documents that predate the awarding of Blackboard's patent.



Have you considered becoming a geek?

http://digg.com/linux_unix/Linux_101_The_very_basics_of_Linux

Linux 101 - The very basics of Linux

Linux is an operating system that is available for free. It is what is known as open source, its source code is freely available for anyone to modify and as a result the operating system is very flexible; it runs on a variety of different platforms. It is commonly used in machines such as mobile phones and ATM’s and it’s now becoming quite popular.

http://leland.info/2007/01/27/linux-101/



Let's hope that “Better late than never” does not become the mantra at DHS

http://www.bespacific.com/mt/archives/013746.html

January 26, 2007

DHS Posts Annual Report on Congress After Delay

Follow up to November 20, 2006 posting, DHS Privacy Office Annual Report to Congress Released After One Year Delay [EPIC posted the report] - note that this report has now been posted to the DHS Privacy Office website: Annual Privacy Report to Congress, July 2004 to July 2006 (PDF, 38 pages).
