Friday, March 04, 2011

Another employee driving around with Backup Tapes in his car. How can any organization still believe this is appropriate?

http://www.databreaches.net/?p=16962

Cord Blood Registry notifies 300,000 of stolen backup tapes

March 3, 2011 by admin

I first became aware of the following breach from DataLossDB.org. It was reported to them by one of those affected who also reported it on ScamSafe:

ScamSafe appears to be the first to report a serious data breach at Cord Blood Registry (www.cordblood.com). No mention has been found of this breach in the news or the Data Loss database.

The author received a notification letter as a customer of CBR dated February 14, 2011.

A CBR computer and data backup tapes were stolen from an employee’s locked automobile. The stolen tapes contained customer names, Social Security numbers, driver’s licenses and/or credit card numbers.

Read more on ScamSafe.

The breach notification letter was uploaded to DataLossDB.org

I don’t know what other correspondence CBR sent those affected but their Feb. 14 letter does not include any description at all of what happened or what types of information were involved. Hopefully, such information was in the FAQ they sent which was not uploaded. The police report indicates that the theft occurred in San Francisco on December 13, 2010. I cannot find any statement on CBR’s web site at this time.

I contacted CBR to request additional details. A corporate spokesperson sent me the following statement:

As a company we are doing everything we can to help make customers feel secure after being victims ourselves of a crime. Notifications went out to approximately 300,000 people. The tapes may have contained personal client data. A computer and other property were also stolen at the same time, and we do not believe these tapes were the target of the theft. CBR promptly notified law enforcement of the incident and we brought in computer security experts to evaluate potential risks. Our experts have advised us there is no indication at this time that any of the personal data has been accessed or misused. In order to provide clients with additional protection and peace of mind, we have arranged for clients to sign up for a one-year credit protection program at no charge.

According to the spokesperson’s statement, CBR is not a HIPAA-covered entity and the breach did not involve any health information. The spokesperson did not directly respond to an inquiry asking whether CVV codes were also stored on the backup tapes or computer with credit card numbers, but noted that the type of information was different for different individuals.

In response to the incident, CBR has strengthened its security:

We have taken extra steps on behalf of our customers in providing the credit monitoring free of charge. CBR has also strengthened and tightened our data security procedures. We hired security experts and implemented a number of improvements to protect our client data. The company continues to monitor these processes but will not share any details of these changes in order to preserve the integrity of the security mechanisms. The data on the tapes was not encrypted. We recognize that the loss of unencrypted data poses a risk, and that’s why we sent out the notices to our customers.



Even crooks like to socialize...

http://www.guardian.co.uk/uk/2011/mar/02/ghostmarket-web-scam-teenagers

Teenagers jailed for running £16m internet crime forum

Three teenagers who founded and operated one of the world's largest English-language internet crime forums, described in court as "Crimebook", have been sentenced to up to five years in custody.

Police estimate that losses from the thousands of credit details traded over the site, Gh0stMarket.net, amount to £16.2m. The web forum, which had 8,000 members worldwide, has been linked to hundreds of thousands of pounds of registered losses on 65,000 bank accounts.

… After seizing Webber's laptop, police discovered details of 100,000 stolen credit cards and a trail back to the Gh0stMarket website

… The site contained manuals such as "14 ways of hacking credit cards" and "running cards on eBay" and information on staying anonymous. It sold hacking software and instructions on how to manufacture crystal meth and explosives.



Computer Forensics...

http://www.pogowasright.org/?p=21345

Questions in the Search and Seizure of Digital Evidence Are Ripe for Answers

March 3, 2011 by Dissent

Elkan Abramowitz and Barry A. Bohrer write in the New York Law Journal:

Uncertainty regarding the application of the Fourth Amendment to computers, e-mail, and other digitized information [FOOTNOTE 1] has a significant impact on those accused of white-collar crime because so much of the evidence in white-collar cases derives from those sources. [FOOTNOTE 2] This article examines recent decisions on the Fourth Amendment’s application to digital evidence, noting a number of open and controversial questions that seem ripe for adjudication by the U.S. Supreme Court. A recent decision from the Court indicates a reluctance to address such issues, however.

Read more on Law Technology News.



Interesting speculation.

http://techcrunch.com/2011/03/03/the-age-of-relevance/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

The Age Of Relevance

What’s the Next Big Thing after social networking?

This has been a favorite topic of much speculation among tech enthusiasts for many years. I think we are already witnessing a paradigm shift – a move away from simple social sharing towards personalized, relevant content.

The key element of the next big thing is the increasing significance of the Interest Graph to complement the Social Graph. While Facebook, Twitter, and Google are already working on delivering relevant content, a slew of startups are focusing exclusively on it.

Relevance is the only solution to the problem of information overload.



Imagine what an e-Monkey Wrench would do here...

http://science.slashdot.org/story/11/03/04/0048244/Contemplating-Financial-Trading-At-Picosecond-Resolution?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Contemplating Financial Trading At Picosecond Resolution

"One complaint made of the modern stock market is that it is concerned too much on the short term. A second is a long time in cash-equities trading. Four or five years ago, trading firms started to talk of trading speeds in terms of milliseconds. But in recent weeks trading geeks have started to talk about picoseconds, in what is a truly mind-boggling concept: a picosecond is one trillionth of a second. Put another way, a picosecond is to one second what one second is to 31,700 years."



Can't wait?

http://news.slashdot.org/story/11/03/03/2353220/Firefox-4-Web-Demos-Web-O-Wonder?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Firefox 4 Web Demos: Web O' Wonder

"Similarly to Google with Chrome Experiments and Microsoft with Internet Explorer Test Drive, Mozilla has developed an HTML5 demo site to showcase the latest features supported by Firefox 4. Mozilla's Paul Rouget writes, 'Firefox 4 is almost here, and comes with a huge list of awesome features for web developers. In order to illustrate all these new technical features, we put together several Web demos. You'll see a couple of demos released every week until the final version of Firefox 4. You can see the first 3 demos online now on our brand new demo web site: Web O' Wonder.' Unlike certain other HTML5 demo sites, Mozilla's site works in any browser that supports the features used in the demo."



For my Computer Security students.

http://www.thesofthelp.com/2011/03/five-best-browser-security-extensions.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+alisoft7+%28alisoft7%29

Five Best Browser Security Extensions

Security and privacy are some of the major concerns these days while using the internet. The Web browser is one of the most used and exploited applications, as most people consider it to be the primary connection to the rest of the internet. Multiple applications may depend on your browser, or elements within your browser, to function, and this makes the security settings within your browser even more important. To improve your browsing experience, many web applications enable different types of functionality. But unfortunately, sometimes this functionality might be unnecessary and may leave you at risk of being attacked. So the safest way is to disable the majority of such features, unless or until you find them very necessary. This article is devoted to helping you understand the flaws and vulnerabilities of Web browser software and to use your Web browser securely through the best security extensions.



Geek toys

http://www.makeuseof.com/tag/record-tv-shows-pc-windows/

How To Record TV Shows On Your PC

If you are feeling especially brave, you can actually hook a computer directly to your television set – this is called an HTPC or a Home Theater PC.

Let this tutorial show you how to save the cost of a digital video recorder by closely aligning two of the most important entertainment devices in your home to record TV shows on your PC.

