Monday, May 04, 2009

They must really hate these guys. They wouldn't treat (insert name of large, rich company here) like this!

http://www.databreaches.net/?p=3442

FINRA Fines Centaurus Financial $175,000 for Failure to Protect Confidential Customer Information

May 3, 2009 by admin Filed under: Financial Sector, Other, U.S.

Earlier this week, FINRA fined Centaurus Financial, Inc., as described below in their press release. I’ve been searching, but do not see where the incident described below was ever reported in the media at the time. Interesting….

The Financial Industry Regulatory Authority (FINRA) has announced today that it has fined Centaurus Financial, Inc. (CFI), of Orange County, CA, $175,000 for its failure to protect certain confidential customer information. Centaurus was also ordered to provide notifications to affected customers and their brokers and to offer these customers one year of credit monitoring at no cost.

FINRA found that from April 2006 to July 2007, CFI failed to ensure that it safeguarded confidential customer information. Its improperly configured computer firewall - along with an ineffective username and password on its computer facsimile server - permitted unauthorized persons to access stored images of faxes that included confidential customer information, such as social security numbers, account numbers, dates of birth and other sensitive, personal and confidential data. The firm’s failures also permitted an unknown individual to conduct a “phishing” scam. When CFI became aware of the phishing scam, the firm conducted an inadequate investigation and sent a misleading notification letter to approximately 1,400 affected customers and their brokers.

… “When a firm becomes aware of an unauthorized access, it must conduct an effective review and provide customers with accurate information about that unauthorized access.”

… the unauthorized access was made possible by the inadequate firewall and weak username (“Administrator”) and password (“password”) on its computer fax server.



Again, it is obvious (from photos in the article) that the Denver skimmer would have been easily detected if someone bothered to look. The Pismo Beach skimmer required tools and time to install, but if it had been done correctly would not have been visible. Still, an “access door open” alarm would have notified the clerk...

http://www.databreaches.net/?p=3445

Two more skimmers in the news this week

May 3, 2009 by admin Filed under: Financial Sector, Skimmers, U.S.

From the It-Could-Have-Been-Worse dept:

  • The Denver Post reports that a skimmer was found on the ground at a First Bank branch in Westminster. Apparently the adhesive didn’t work out that well. The skimmer was found April 23, and according to the report, the ATM was last serviced March 22. So far, no word on how long the skimmer may actually have been in operation.

  • The Tribune reports that Pismo Beach police said a skimmer uncovered last week had been installed at the Five Cities Drive Unocal 76 gas station. The device was not visible from outside the machine, and reportedly actually caused it to malfunction.



GCHQ is the UK's equivalent of NSA. It makes sense that these agencies are behind the “police” surveillance effort.

http://yro.slashdot.org/article.pl?sid=09/05/03/193249&from=rss

Warehouse or No, UK's Expensive Net Spying Plan Proceeds

Posted by timothy on Sunday May 03, @03:16PM from the man-vs.-the-state dept. Privacy Communications Government The Internet

Vincent West writes with this excerpt from The Register:

"Spy chiefs are already spending hundreds of millions of pounds on a mass internet surveillance system, despite Jacqui Smith's announcement earlier this week that proposals for a central warehouse of communications data had been dumped on privacy grounds. The system — uncovered today by The Register and The Sunday Times — is being installed under a GCHQ project called Mastering the Internet (MTI). It will include thousands of deep packet inspection probes inside communications providers' networks, as well as massive computing power at the intelligence agency's Cheltenham base, 'the concrete doughnut.'"


Related? Perhaps NSA held a training session for the FBI?

http://techpresident.com/blog-entry/fbi-following-you-twitter-and-responding

The F.B.I. is Following You (on Twitter) and Responding

Micah L. Sifry May 2, 2009 - 9:24am

For a federal agency that has struggled for years to modernize its computer systems, this is pretty impressive, and just a tad worrisome:

… Obviously, someone in the FBI Press Office is tracking references to the agency on Twitter and has the authority to respond, an echo of efforts in the private sector by companies like JetBlue to be more responsive to immediate complaints or issues raised by consumers. The agency is also using the service to track more serious matters, like this case of an Oklahoma man who was allegedly issuing violent threats around the "tea-bagging" protests a few weeks ago.



Keeping an eye on Congress?

http://www.bespacific.com/mt/archives/021262.html

May 03, 2009

THOMAS Launches First RSS Feed

"The Congressional Record Daily Digest is now available as the first RSS feed from THOMAS. The Daily Digest from THOMAS is one of five RSS feeds available from the Law Library of Congress as described on our RSS Feeds and Email Delivery page (http://www.loc.gov/law/news/rss.php). To see a complete list of RSS feeds and email updates available through the Library of Congress, please visit Library of Congress RSS Feeds and Email Subscriptions. For help with subscribing and suggestions for news readers, please see Library of Congress RSS Feeds (http://www.loc.gov/rss/faq.html)." [Emily Carr, Legal Reference Specialist, Law Library of Congress]



Might amuse my website class

http://www.alpoy.com/

Alpoy

Avatar creator and animator
