http://www.databreaches.net/?p=7447
Rocky Mountain Bank reveals “oops” in court papers
September 22, 2009 by admin Filed under Breach Incidents, Breach Types, Exposure, Financial Sector, Of Note
As noted on PogoWasRight.org yesterday, Thomas Claburn of Information Week reports that when Rocky Mountain Bank tried to get a court to seal its lawsuit against Google to compel disclosure of information on the recipient of an errant Gmail containing sensitive customer information, the court declined.
It looks like the Streisand Effect has struck again, as now the media are not only reporting details of the breach that were included in the judge’s ruling denying the seal, but Rocky Mountain Bank may get a worse reputation for trying to perhaps justify not disclosing their error to the 1,325 customers whose details were mis-sent to the wrong Gmail address.
So in the absence of an actual breach disclosure notification by the bank, this site views the court order as a breach disclosure. A copy of the judge’s order (pdf, courtesy of Threat Level) indicates that the court did not agree that determining whether the email had been opened was necessary in order to inform customers of the breach:
Plaintiff argues that if its complaint and motion papers are not filed under seal, all of its customers may learn of the inadvertent disclosure. Plaintiff further argues that publication of the disclosure before it determines whether the Gmail account is active or dormant will unnecessarily create panic among all of its customers and result in a surge of inquiry from its customers. In his declaration, Mark Hendrickson, states that “until there is a determination that the Confidential Customer Information was in fact disclosed and/or misused, the Bank cannot advise its customers on whether there was an improper disclosure.” (See Declaration of Mark Hendrickson in Support of Motion to File Under Seal, filed herein on September 18, 2009, ¶ 18.)
An attempt by a bank to shield information about an unauthorized disclosure of confidential customer information until it can determine whether or not that information has been further disclosed and/or misused does not constitute a compelling reason that overrides the public’s common law right of access to court filings. Plaintiff is already able to advise its customers that there has been an unauthorized disclosure of confidential customer information, and inform them of the steps it is taking to rectify the situation.4 And Plaintiff has not shown that disclosure of the information contained in its complaint and motion papers “could result in improper use of the material for scandalous or libelous purposes or infringement upon trade secrets,” or invasion of any personal privacy rights that might warrant protection under Federal Rules of Civil Procedure 26(c). Plaintiff has not disclosed any actual customer information in its pleadings or motion papers.5
—–
4 The possibility that the email has not been opened, or that the information has not been misused, does not change the fact that there already was an unauthorized disclosure of the information to an unknown third party.
The usual question: What was the compelling reason for this data to be on a laptop computer or to be out of the office?
http://www.databreaches.net/?p=7458
Laptop with some of Madoff victims’ data stolen
September 22, 2009 by admin Filed under Breach Incidents, Business Sector, Of Note, Theft, U.S.
It just seems to get worse and worse for Bernie Madoff’s victims.
Now AlixPartners, the court-appointed claims agent for the liquidation of Bemard L. Madoff Investment Securities LLC reports (pdf) that in late July, a laptop computer of theirs was stolen from an employee’s locked vehicle. The laptop contained historical information from 1995 and earlier which may include some of the personal information of up to 10 residents of New Hampshire and an unspecified total number of individuals. The personal information included the individuals’ names, addresses, Social Security numbers, and/or account numbers (which are now defunct).
Although the theft was reported to the Dallas police promptly, the police reportedly asked AlixPartners to delay notification until September 15 so as not to impede their investigation. The laptop was one of several stolen from parked vehicles that same day in that area.
The company has offered affected individuals two years’ worth of free credit monitoring.
Update: Newsday reports that 2.246 investors were affected by this incident.
There seems to be a lot of these types of lawsuits.
http://www.pogowasright.org/?p=4041
First Amendment lawsuit challenges Florida ‘Police Privacy Statute’
September 22, 2009 by Dissent Filed under Court, Featured Headlines, Govt, Internet, Legislation, U.S.
Robert Brayshaw says that the City of Tallahassee arrested and prosecuted him twice for publishing a police officer’s address online at Ratemycop.com. Now Brayshaw is challenging the constitutionality of Florida Statute §843.17, which states:
Any person who shall maliciously, with intent to obstruct the due execution of the law or with the intent to intimidate, hinder, or interrupt any law enforcement officer in the legal performance of his or her duties, publish or disseminate the residence address or telephone number of any law enforcement officer while designating the officer as such, without authorization of the agency which employs the officer, shall be guilty of a misdemeanor of the first degree, punishable as provided in s. 775.082 or s. 775.083.
Brayshaw contends that the statute interferes with his First Amendment rights and that the information he published was not only truthful but was publicly available on the Web already. As alleged in the complaint:
One of Plaintiff’s postings, on March 31, 2008 (the only posting he made that day) stated:
Annette Pickett Garrett, 47 years old, 7 kids, Single, Divorced Anthony Edward “Tony” Drzewiecki, 38 yo, Home: 1929 xxxxxxxxx Drive, Tallahassee, Florida 32303-7123, Home Est. $167,500. Built in 1973, 1669 square feet. Cingular Cell-Phone: (xxx) xxx-xxxx, E-Mail Address: xxxxxxxxxx@Comcast.net.
This personal information regarding Officer Garrett was truthful and, at the time, publicly available. Plaintiff obtained this information through searches on the Internet. In fact, Officer Garrett’s name and address are still publicly available on the Leon County Clerk of Court’s website at: http://cvweb.clerk.leon.fl.us/cvimage/official_records/download_document.asp? book=3644&page=02266&type=OR&subnet= (last visited September 18, 2009).
(Note: all of the officer’s details are provided in unredacted form in the complaint, but I have redacted some of them here — Dissent)
In some sense, this case is reminiscent of The Virginia Watchdog case. Although that case was in Virginia, the federal judge presiding over that case wrote:
“The relevant case law is clear that, if the State wishes to claim that the confidentiality of a certain piece of information is a State interest of the highest order, then the State should not make that information publicly available.” [That's called logic. Bob]
Will the Florida courts agree with that line of reasoning?
Hat-tip, Courthouse News
Politicians! We plan to act more openly/ethically/fiscally responsibly, but that plan doesn't apply to how we are acting currently. (Talk like a Democrat, act like a Republican?)
http://www.pogowasright.org/?p=4070
Obama to Set Higher Bar For Keeping State Secrets
September 23, 2009 by Dissent Filed under Govt
Carrie Johnson reports:
The Obama administration will announce a new policy Wednesday making it much more difficult for the government to claim that it is protecting state secrets when it hides details of sensitive national security strategies such as rendition and warrantless eavesdropping, according to two senior Justice Department officials.
The new policy requires agencies, including the intelligence community and the military, to convince the attorney general and a team of Justice Department lawyers that the release of sensitive information would present significant harm to “national defense or foreign relations.” In the past, the claim that state secrets were at risk could be invoked with the approval of one official and by meeting a lower standard of proof that disclosure would be harmful.
[...]
The policy, however, is unlikely to change the administration’s approach in two high-profile cases, including one in San Francisco filed by an Islamic charity whose lawyers claim they were subjected to illegal government wiretapping. That dispute, involving the al-Haramain Islamic Foundation, provoked an outcry from the American Civil Liberties Union and other public policy groups this year after the Obama Justice Department followed the Bush strategy and asserted “state secrets” arguments to try to stop the case.
Read the full story in The Washington Post.
It's avoidance, not evasion. Change the law and Microsoft might re-locate! (Then what happens to your tax base?)
Microsoft Tax Dodge At Issue In Washington State
Posted by kdawson on Tuesday September 22, @09:03PM from the office-at-area-fifty-one dept.
newscloud writes
"With Washington State facing a billion-dollar biennial budget deficit, the spotlight again shifts to Microsoft's software licensing office in Reno, Nevada. 'Although the majority of its software development is performed in Washington State, Microsoft records its estimated $18 billion in licensing revenue per year through a corporate office in Reno, Nevada where there is no licensing tax. Just by enforcing the state's existing tax law from 2008 onwards, we could reduce Washington's revenue shortfall by more than 70 percent. Alternately, we could pursue the entire $707 million from Microsoft's thirteen years of tax dodging and cover most of the expected deficit going forward.' We have discussed Microsoft's creative capitalism in the past."
av u alw wtd 2 txt lk a teen? (Have you always wanted to text like a teenager?)
http://www.lingo2word.com/index.php
Lingo2word
Translate text messages from Lingo to plain English, or from plain English to lingo
For my Forensics students
http://www.pogowasright.org/?p=4042
Universities Spar Over Disappearing Electronic Messages
September 22, 2009 by Dissent Filed under Internet
John Markoff reports:
In less than two months after a group of University of Washington computer researchers proposed a novel system for making electronic messages “disappear” after a certain period of time, a rival group of researchers based at the University of Texas at Austin, Princeton, and the University of Michigan, has claimed to have undermined the scheme.
[...]
The Vanish attackers have created a demonstration system they call “Unvanish” and they said they had undone the Vanish model for gradually eroding encryption keys by subverting the peer-to-peer file sharing system. Their insight was to use a single computer to masquerade as a large number of members of a file sharing network. That rogue machine would simply need to capture and store anything that looked like a Vanish key fragment. The researchers said that this was simple, as the Vanish fragments are identifiable because of their size. Later it would be possible to reconstruct a Vanish message by simply consulting the Unvanish archive.
Read more in The New York Times.
For my students who know everything... except that strange term on the test.
Webopedia
The only online dictionary and search engine you need for computer and Internet technology definitions.
Might be a good resource for my website students
http://www.bespacific.com/mt/archives/022392.html
September 22, 2009
Fotopedia - the first collaborative photo encyclopedia
"Fotopedia is breathing new life into photos by building a photo encyclopedia that lets photographers and photo enthusiasts collaborate and enrich images to be useful for the whole world wide web."
(Related) Generate various clock widgets for your website.
Clockeasy
Someday I'll teach a course on the DaVinci Code
http://www.makeuseof.com/tag/search-the-collections-of-famous-libraries-museums-online/
Search The Collections Of Famous Libraries & Museums Online
Sep. 22nd, 2009 By Mark O'Neill
Know something? Can you teach? Record it and get paid!
http://www.killerstartups.com/Video-Music-Photo/vidschool-com-video-classes-on-the-www
VidSchool.com - Video Classes On The WWW
VidSchool is an educational platform that has one simple aim: enabling teachers to provide tutoring sessions without having to incur into the expenses or the trouble of building their own websites. That is, VidSchool focuses on pre-recorded classes that are suitable for all levels – both children and grown-ups could benefit for them. And parents of these students under 18 are also able to track the way their children are progressing. In this way, they can know about the learning environment their little ones are immersed in, as well as checking attendance. That is achieved via the provided VidSchool parenting analytics package.
No comments:
Post a Comment