Sunday, March 04, 2007

Mid-sized companies are targets because they don't spend as much as a TJX to secure their data... And they apparently don't require their service providers to do so either.

http://kennebecjournal.mainetoday.com/news/local/3676190.html

Hackers swipe seed company's customers' data

By DOUG HARLOW Staff Writer Kennebec Journal & Morning Sentinel Saturday, March 03, 2007

WINSLOW -- The Web site of Johnny's Selected Seeds has been hacked by an intruder, resulting in the theft of thousands of private records and credit card numbers, a company official said Friday.

Bruce Harrington, the company's director of sales and marketing, said 11,500 credit card accounts were stolen electronically in February.

... Of the total number of accounts that were breached, about 20 of the credit cards were used fraudulently, Harrington said. [Wow! This isn't the normal “we have no evidence...” statement. How refreshing! Bob]

... Harrington said the security system was hacked in a very sophisticated, methodical way.

"Essentially what happened is that criminals gained access to our internal systems and gathered enough information to allow them to then gain access to our Web site," Harrington said.

The company's "server farm" in Kentucky was the target, he said.

"They hack in there with the information they have, then they can get into information that's stored on the Web, which included credit card information," [Why was this stored online? Bob] he said. "Since then, emergency measures have been implemented and the site is being monitored around the clock to ensure this doesn't happen going forward."

... Harrington said the breach was noticed on Feb. 18, when two customers called and said their credit cards had been compromised with fraudulent charges. [Customers could figure it out, but the company couldn't? Bob]

... The investigation by the company's emergency response team determined that the original illegal entry happened Feb. 4. The system was locked down, passwords were changed, hard drives were removed and multiple new security layers and software were put in place to make sure something like this does not happen again, he said.

... He said the breach and subsequent investigation, mailings to affected customers and software corrections have cost the company tens of thousands of dollars. "This has really put a financial burden on us in the short term," he said.

Harrington said he thinks the company's quick discovery of the breach and its quick action to alert customers prevented the additional use of the stolen credit card data. [Want to bet? Bob]

"I think we prevented a lot of things by early detection," he said.



Whistleblowing is good? The VA didn't notice that Walter Reed Hospital was falling apart, why would they notice new security rules?

http://www.navytimes.com/news/2007/03/apvetsdumpclinic070303/

Inspectors review documents dumped at VA clinic

The Associated Press Posted : Saturday Mar 3, 2007 9:36:15 EST

LAS VEGAS — Federal inspectors are reviewing a whistleblower’s report about unshredded files found in the trash behind a veterans health clinic in Las Vegas last month, Veterans Affairs Secretary Jim Nicholson said.

... Rep. Jon Porter, R-Nev., requested the review after a security guard from the West Clinic in Las Vegas came forward with a sample of discarded records the guard said he found Feb. 6 in trash bins behind the building.

The guard, Andrew Martin-Smith, said the documents appeared to be federal employment applications with names, addresses, Social Security numbers and individuals’ military service records.



Whistleblowing is bad? (Well, maybe after six years...)

http://www.myrtlebeachonline.com/mld/myrtlebeachonline/news/local/16828589.htm

WH Group offers to settle data suit with school district

Associated Press Posted on Sat, Mar. 03, 2007

GREENVILLE, S.C. - Two men fighting the school district in a lawsuit over surplus computers they bought with thousands of Social Security numbers still on them say they are willing to settle the case.

In papers filed Friday, lawyers for Kenneth Holbert and Scott Mann say the Greenville County School District can end the lawsuit if it pays them back for the computers they bought, pays their legal fees and apologizes to them.

... The proposal asks the district to pay Holbert $10,000 for items he has turned over to a court-appointed trustee in response to the lawsuit.

The WH Group turned over several computers and hard drives and other items they had bought at school district auctions over six years. The computers included the Social Security numbers of about 100,000 students and at least 1,000 employees.

Holbert and Mann said they told school district officials about the information when they discovered it, but no one asked them to return the equipment. And, the two contend, they continued finding such data on hard drives they bought at district auctions.

The settlement also would require the school district to post an apology on its Web site for at least 90 days that says neither man "acted improperly in any way."



Locked to keep the reporters out?

http://www.dailyhome.com/news/2007/dh-talladega-0303-dmackey-7c02v4647.htm

Brecon facility where records stored now locked

By David Mackey 03-03-2007

TALLADEGA — The facility storing Talladega County Circuit Court records in Brecon was locked and secured Friday, but the county administrator says it might not remain that way for long.

On Thursday, The Daily Home reported that piles of court records were being stored in an unlocked structure on county land in Brecon that was formerly used to hold Army munitions. Circuit Clerk Clarence Haynes, an elected official responsible for the court’s records, said the files were moved there when he ran out of storage space in the Talladega County Judicial Building six months to a year ago. [We don't know when? Bob]

... “It might be locked up and secure today, but tomorrow it might not be,” Simms said. “It’s 4 or 5 miles out in the wilderness. Who’s to say (a break-in) might not happen tomorrow?”

... Haynes said Wednesday he lacks adequate storage space for his records. He is currently trying to scan paper files into computers for easier storage, he said. The facility in Brecon was supposed to be secured, but has been broken into several times, Haynes said.

... “I don’t think it’s fair to the taxpayers of this county for us to get into the business of providing unlimited storage space for poor document management,” Simms said. “… We’ve got to come up with a long-term solution.”



Interesting to hear what the retail experts think. Nothing too startling, but consensus that this is a big problem handled poorly. (On January 17, when TJX announced their data breach, their stock was at $29.50. Friday it closed at $27.30, a loss of 7.46%)

http://www.eweek.com/article2/0,1895,2099736,00.asp

Retail Technology Week in Review

What's the latest on the TJX data breach and what impact is it having on retail IT around the country? Also, what does an upcoming Forrester Research report about e-commerce predictions for 2007 mean for Web managers? Panelists include Sucharita Mulpuru, Senior Retail Analyst, Forrester Research; Mark Rasch, a former federal prosecutor and currently the managing director at FTI Consulting; Greg Buzek, CEO, IHL, and Paula Rosenblum of the Retail Systems Alert Group.

Host: Evan Schuman Length: 00:21:24



For some reason, I've noticed many stories recently that claim privacy laws are interfering with law enforcement or public safety. Is this all pre-Real ID propaganda?

http://www.theithacajournal.com/apps/pbcs.dll/article?AID=/20070303/NEWS01/703030358/1002

Privacy laws shield whereabouts of Collegetown rapist released from prison

Convicted sex offender reportedly transferred to mental health facility

By Raymond Drumsta Journal Staff

ITHACA — After serving the maximum sentence for his crimes, convicted Collegetown rapist Larry Brown has not returned to Ithaca, local law-enforcement officials said, and may have been transferred to an undisclosed mental-health facility for evaluation.

The new development in the 14-year-old city saga highlights a conflict between the public's right to know and laws protecting patient privacy — amidst ongoing debate about confining sex offenders in state mental-health facilities upon completion of their sentences.



Is this an indication of problems that all multi-nationals might face?

http://sacramento.bizjournals.com/sacramento/stories/2007/02/26/daily66.html

Google's privacy practices 'may run afoul'

Sacramento Business Journal - 1:19 PM PST Friday, March 2, 2007

by San Jose Business Journal

Google Inc. said in its annual report filed Thursday that it is involved in a yearlong unresolved tax dispute with the Securities and Exchange Commission.

... In addition to the tax dispute, Google cautioned in its annual report that its privacy practices may run afoul of U.S., European, or other state or national data protection laws.

"It is possible that these laws may be interpreted and applied in a manner that is inconsistent with our data practices," the Google annual report said.

"In addition to the possibility of fines, this could result in an order requiring that we change our data practices, which could have a material effect on our business," it said.



We're doing it to protect the kids.

http://www.timesonline.co.uk/tol/news/uk/article1466943.ece

Children of 11 to be fingerprinted

David Leppard March 04, 2007

CHILDREN aged 11 to 16 are to have their fingerprints taken and stored on a secret database, internal Whitehall documents reveal.

The leaked Home Office plans show that the mass fingerprinting will start in 2010, with a batch of 295,000 youngsters who apply for passports.

... Opposition politicians and privacy campaigners warn that the plans show ministers are turning Britain into a “surveillance society”.

... The Tories have pledged to scrap the scheme if they win the next election.



So it watches your reaction, then changes its “sales pitch” accordingly. Sort of an automated nagging system? That should make customers happy.

http://www.technewsworld.com/story/56075.html

Coming to a Grocer Near You: 'Candid' Camera

By Anna Salleh ABC Science Online 03/03/07 4:00 AM PT

The system senses someone approaching and plays an advertisement about a particular brand of shampoo on the shelf. Then its camera "watches" to see how that person responds in real time, with special software analyzing the footage. If someone's face is front-on to the display, the system assumes they are interested and continues advertising that brand.

... He says it will also be able to analyze whether the customer is male or female, how old they are and even their ethnic background.

... Ethicist Rob Sparrow of Monash University in Melbourne, Australia, says such marketing technology takes surveillance into an entirely different realm.

"In the past, if someone wanted to know what you were interested in they had to ask you and you had a choice about whether or not you told them," he said.

"Nowadays, people can gather all sorts of information about your interests without you knowing that they've got it, without your consent, and it seems to be a significant loss of liberty," Sparrow added.

[What happens if they get it slightly wrong and you start getting bombarded with ads for (say) divorce attorneys? It could make it unsafe to shop with your spouse. Bob]



A monopolist sets prices to maximize profits, a fool sets prices to maximize prices.

http://yro.slashdot.org/article.pl?sid=07/03/04/0930245&from=rss

New Royalty Rates Could Kill Internet Radio

Posted by Zonk on Sunday March 04, @04:45AM from the one-of-my-favorite-things-about-the-internet dept. Music The Almighty Buck Businesses

FlatCatInASlatVat writes "Kurt Hanson's Radio Internet Newsletter has an analysis of the new royalty rates for Internet Radio announced by the US Copyright Office. The decision is likely to put most internet radio stations out of business by making the cost of broadcasting much higher than revenues.

From the article: 'The Copyright Royalty Board is rejecting all of the arguments made by Webcasters and instead adopting the "per play" rate proposal put forth by SoundExchange (a digital music fee collection body created by the RIAA)...[The] math suggests that the royalty rate decision — for the performance alone, not even including composers' royalties! — is in the ballpark of 100% or more of total revenues.'"



Sharing the cost of development? What did they do, re-invent the calendar?

http://slashdot.org/article.pl?sid=07/03/03/1734252&from=rss

Microsoft Charging Businesses $4K for DST Fix

Posted by Zonk on Saturday March 03, @03:22PM from the pricey-way-to-tell-time dept. Microsoft Software The Almighty Buck

eldavojohn writes "Microsoft has slashed the price it's going to charge users on the day light savings time fixes. As you know, the federal law that moves the date for DST goes into effect this month. Although the price of $4000 is 1/10 of the original estimate Microsoft made, it seems a bit pricey for a patch to a product you've already paid for.

From the article: 'Among the titles in that extended support category are Windows 2000, Exchange Server 2000 and Outlook 2000, the e-mail and calendar client included with Office 2000. For users running that software, Microsoft charges $4,000 per product for DST fixes. For that amount, customers can apply the patches to all systems in their organizations, including branch offices and affiliate.' The only thing they 'can't do', said a Microsoft rep, is redistribute them."



For Pete's sake, don't tell Al Gore but I'm pretty sure the sun is on fire!

http://science.slashdot.org/article.pl?sid=07/03/03/2310250&from=rss

Sun May Be Warming Both Earth and Mars

Posted by Zonk on Saturday March 03, @10:31PM from the dang-mars-suvs dept. Mars Science

MCraigW writes "Simultaneous warming on Earth and Mars suggests that our planet's recent climate changes might have a natural — and not a human-induced — cause. Mars, it appears, has also been experiencing milder temperatures in recent years. In 2005 data from NASA's Mars Global Surveyor and Odyssey missions revealed that the carbon dioxide 'ice caps' near Mars's south pole had been diminishing for three summers in a row. Habibullo Abdussamatov, head of the St. Petersburg's Pulkovo Astronomical Observatory in Russia, says the Mars data is evidence that the current global warming on Earth is being caused by changes in the sun."



Do you remember any of this?

http://digg.com/playable_web_games/Trivial_Pursuit_Bring_on_the_90_s_The_classic_board_game_is_now_online

Trivial Pursuit Bring on the 90’s - The classic board game is now online!

Test your knowledge of the 90's decade in this special online version of Trivial Pursuit. Finally some questions I actually know the answer to!

http://www.gamefools.com/onlinegames/free/TrivialPursuitBringonthe90s.html
