http://www.databreaches.net/?p=8369
AZ Attorney General to investigate Health Net
November 21, 2009 by admin Filed under Breach Incidents, Healthcare Sector, U.S.
A second state’s attorney general is opening an investigation into the Health Net breach that was only recently revealed six months after the data were either lost or stolen. From the press release from Arizona Attorney General Terry Goddard:
Attorney General Terry Goddard today called on Health Net, a Connecticut-based insurance company, to immediately notify its Arizona policyholders whose personal, medical and financial information was either lost or stolen in a data breach that occurred six months ago.
He said further that his Office will open an investigation to determine whether a state law requiring prompt notification was violated.
Health Net notified the Arizona Department of Insurance on Wednesday that a hard drive containing personal data on some 316,000 present and former Arizona policyholders has been missing since May from the company’s headquarters in Shelton, Conn. The company has yet to contact the affected policyholders about the breach, however, saying it plans to send letters to them soon.
“Health Net’s failure to notify its customers after all this time appears inexcusable,” Goddard said. “The breach apparently includes sensitive personal health information as well as financial information that could put people at risk of identity theft. There can be no further delay; the company needs to provide notification as quickly as possible.”
Arizona law requires notification of individuals affected by an unauthorized acquisition and access of computerized personal information “in the most expedient manner possible and without unreasonable delay.”
Goddard said a letter citing that law was sent to the company Thursday. It also requests additional information about the data breach. A copy of the letter is attached.
Health Net said it will provide free credit monitoring for two years for all affected customers who request it. The company said it has not received any reports so far of misused data.
A company spokeswoman said the missing hard drive contains Social Security numbers, medical records and health information going back to 2002 for 1.5 million past and present customers in four states: Arizona, Connecticut, New York and New Jersey. Health Net is one of the country’s largest publicly traded managed care companies with some 6.6 million customers across the country.
Al Gore must be furious! But seriously, what would you do if someone hacked your organization's system and released a mix of real and phoney data suggesting that you were falsifying data or covering up a crime or bribing politicians?
Climatic Research Unit Hacked, Files Leaked
Posted by kdawson on Friday November 20, @02:51PM from the playing-dirty dept.
huckamania was one of many readers to write with the news that the University of East Anglia's Hadley Climatic Research Unit was hacked, and internal documents released. Some discussion and analysis of the leaked items can be found at Watts Up With That. The CRU has confirmed that a breach occurred, but not that all 61 MB of released material is genuine. Some of the emails would seem to raise concerns about the science as practiced — or at least beg an explanation. From the Watts Up link:
"[The CRU] is widely recognized as one of the world's leading institutions concerned with the study of natural and anthropogenic climate change. Consisting of a staff of around thirty research scientists and students, the Unit has developed a number of the data sets widely used in climate research, including the global temperature record used to monitor the state of the climate system, as well as statistical software packages and climate models. An unknown person put postings on some climate skeptic websites [Suggesting an agenda? Bob] that advertised an FTP file on a Russian FTP server. Here is the message that was placed on the Air Vent today: 'We feel that climate science is, in the current situation, too important to be kept under wraps. We hereby release a random selection of correspondence, code, and documents.' The file was large, about 61 megabytes, containing hundreds of files. It contained data, code, and emails apparently from the CRU. If proved legitimate, these bombshells could spell trouble for the AGW crowd."
Reader brandaman supplied the link to the archive of pilfered data. Reader aretae characterized the emails as revealing "...lots of intrigue, data manipulation, attempting to shut out opposing points of view out of scientific journals. Almost makes you think it's a religion. Anyone surprised?" And reader bugnuts adds, for context: "These emails are certainly taken out of context, whether they are legitimate or fraudulent, which adds to the confusion."
I'm surprised that you are surprised. Haven't you been paying attention? Or...
Rick: How can you close me up? On what grounds?
Captain Renault: I'm shocked, shocked to find that gambling is going on in here!
[a croupier hands Renault a pile of money]
Croupier: Your winnings, sir.
Captain Renault: [sotto voce] Oh, thank you very much.
[aloud]
Captain Renault: Everybody out at once!
http://www.databreaches.net/?p=8350
Ca: Lost laptops shock watchdog
November 20, 2009 by admin Filed under Commentaries and Analyses, Non-U.S.
Gordon Kent reports:
Alberta’s privacy watchdog says he’s “stunned” by a report the city has lost an average of one laptop a month that could contain personal data.
Only half the 48 laptop disappearances over the last four years were investigated, and just once did officials look into whether a lost or stolen computer contained personal information, according to a report by city auditor David Wiun.
In that case, the computer stored resumes.
“I’m just stunned … I just don’t have words for this,” information and privacy commissioner Frank Work said Thursday.
Read more in the Edmonton Journal.
The audit report, Audit of Privacy Controls for Laptops & Tablets, November 3, 2009 can be found at http://www.edmonton.ca/city_government/documents/07214_Privacy_Controls_Laptops_Tablets.pdf
It's not cyber war. It is: let's see how much information we can gather. Think of it as a digital reconnaissance. (If there are similar looks at corporate America, they are going unreported.)
Cyber Attacks On US Military Jump Sharply In 2009
Posted by Soulskill on Saturday November 21, @02:02AM from the proportional-with-gold-farming dept.
angry tapir writes
"Cyber attacks on the US Department of Defense — many of them coming from China — have jumped sharply in 2009, a US congressional committee has reported. Citing data provided by the US Strategic Command, the US-China Economic and Security Review Commission said that there were 43,785 malicious cyber incidents targeting Defense systems in the first half of the year. That's a big jump. In all of 2008, there were 54,640 such incidents. If cyber attacks maintain this pace, the yearly increase will be around 60 percent. The full report (PDF) is available online."
Happy Holidays! Send me your credit card number, bank account, and all your passwords. (signed) Santa
Phishing: Verified by Visa scam targets holiday shoppers
by Steve Ragan - Nov 20 2009, 16:30
An interesting example of internet-enabled democracy? An indication of future vigilantism? Certainly an example of the popularity of soccer.
http://news.cnet.com/8301-17852_3-10402732-71.html?part=rss&subj=news&tag=2547-1_3-0-20
Can Facebook group change World Cup game result?
by Chris Matyszczyk November 20, 2009 2:43 PM PST
… In case you were only recently released after being abducted by recalcitrant performance artists, France was playing Ireland for the privilege of going to the World Cup finals in South Africa. Ireland was winning.
… A ball was hopefully pumped into the Irish penalty area. The French captain, Thierry Henry, reached out his left hand to control the ball, enjoyed the feeling so much he actually handled it twice, then crossed the ball for an embarrassed teammate, Willam Gallas, to score and eliminate the plucky Irish. (It is compulsory to use the term "plucky" when referring to the Irish soccer team.)
Henry, perhaps sensing his precious image evaporating, admitted Friday that the game should be replayed.
Even though the sport's governing body, FIFA, has declared no replay will happen, it now has to deal with perhaps the fastest-growing Facebook group on earth.
Petition to have IRELAND VS FRANCE REPLAYED!!!!! already has secured more than 250,000 members since its inception, as well as an increasing amount of media coverage.
Everyone wants to play... Perhaps we should be looking at/comparing the features offered?
Health gets personal in the cloud
Google Health Beta and Microsoft's My Health Info
by Brian Ahier
Healthcare is one of the biggest industries in the world. The United States spends over 17% of its GDP on healthcare and the issue of the industry's future is being hotly debated in Congress.
… For example, Google announced at the Health 2.0 conference that they have entered into a partnership to provide telehealth services through their Google Health platform using MDLiveCare.
… Also, Microsoft has introduced My Health Info as part of HealthVault.
… Another company that is doing some interesting work in this area is Practice Fusion. Practice Fusion is a free, Web-based electronic health record service for physicians.
… Through Patient Fusion, doctors grant patients instant access to their medical records, medications and immunization history. Updates to the patient's records are available in real-time in the cloud. Patients will also be able to schedule appointments, request prescription refills, email their physicians, and, most importantly, share their data with other providers at any time.
(Related)
PHR – Personal Health Record Reviews
Here is a list of top providers.
Google Health by Google
Microsoft’s HealthVault and My Health Info
Patient Fusion by Practice Fusion
GE’s Life Sensor
Source code as evidence of anti-trust?
iPhone Owners Demand To See Apple Source Code
Posted by kdawson on Friday November 20, @04:50PM from the you're-a-brick dept.
CWmike writes
"iPhone owners charging Apple and AT&T with breaking antitrust laws asked a federal judge this week to force Apple to hand over the iPhone source code, court documents show. The lawsuit, which was filed in October 2007, accuses Apple and AT&T of violating antitrust laws, including the Sherman Act, by agreeing to a multi-year deal that locks US iPhone owners into using the mobile carrier. On Wednesday, the plaintiffs asked US District Court Judge James Ware to compel Apple to produce the source code for the iPhone 1.1.1 software, an update that Apple issued in September 2007. The update crippled iPhones that had been unlocked, or 'jailbroken,' so that they could be used with mobile providers other than AT&T. The iPhone 1.1.1 'bricked' those first-generation iPhones that had been hacked, rendering them useless and wiping all personal data from the device. The plaintiffs say that the source code is necessary to determine whether all iPhones were given the same 1.1.1 update, and whether it was designed to brick all or just some hacked iPhones."
Some interesting thoughts on the Chrome OS. Convergence and challenge?
http://arstechnica.com/open-source/news/2009/11/chromeos-announcement.ars
Chrome OS: Internet failing at PC > PC failing at Internet
In 2009, it's better to be an Internet company that's taking slow, awkward first steps toward the PC, than a PC company that's still trying and failing to truly integrate with the Internet. Ars looks at what Chrome OS means for Google, Apple, Microsoft, the netbook, ARM, Intel, and the cloud. "Revolutionary" is a clichéd term, but Chrome OS is a good candidate for it.
By Jon Stokes | Last updated November 20, 2009 8:30 AM
… The custom firmware integrates some of the functions of a boot loader, so it's a bit more robust than a traditional BIOS. During the seven-second boot time, the firmware loads a series of kernel modules, all of which are signed; if the signature check fails at any point in boot-up, the machine will prompt the user for a reboot, after which a clean version of the OS is downloaded and the entire device is essentially re-imaged. [Secure against root-kits and always up-to-date? Bob]
… Every "application" is just a webpage, which means that users don't install binaries, ever, for any reason.
… The OS itself lives on a read-only partition that's not accessible to user-space processes. The fact that the OS is stateless is a major security advantage, since it's that much harder for malicious code to hijack any part of it. Also important is the fact that the user processes themselves are all sandboxed, and any user data that's locally cached is encrypted by default.
… with ChromeOS, all user data lives in the cloud. A ChromeOS device presumes that the canonical version of your data is the cloud version, so it caches this data locally for faster access, and when a user modifies it, the changes are invisibly written back out to the network.
… . If you plug a USB drive into the portable, ChromeOS opens a file browser tab that lets you look through the file tree. In the demo, Pichai clicked on a an Excel file that then opened in the Windows Live version of Excel. "Microsoft has written a killer app for ChromeOS," he snarked of Redmond's Live offerings, which will enable ChromeOS to natively open Office docs without translating them to Google Docs.
Worth a read... Not so much new, as all in one article. Are wee too heading to broadband as a basic human right?
FCC outlines seven biggest barriers to broadband adoption
The Federal Commission has listed seven big bumps in the road towards universal use of broadband in the United States, including the TV set-top box innovation gap and the spectrum gap. The document may be a sneak preview of the agency's National Broadband Plan, to be released in February.
By Matthew Lasar Last updated November 20, 2009 11:34 AM
Humor? This is likely to change fast when someone reminds hizzonor that college students often vote... They even lead recall elections.
Pittsburgh To Tax Students
Posted by Soulskill on Saturday November 21, @09:14AM from the this-will-go-over-well dept.
societyofrobots writes
"Pittsburgh Mayor Luke Ravenstahl has proposed taxing college and professional students for the privilege of receiving an education in the city. The proposed tax will charge students in the city at a rate of 1% of their yearly tuition — which, at Carnegie Mellon, would mean roughly a $400 tax (PDF) on most students. As the tax proposal hit local media outlets this week, the mayor repeatedly emphasized the burden that college students have placed on city services, and the need for students to pay their 'fair share.'"
Humor? Are they just making things up as they go along (practicing law without a license) or have they been invaded by the anti-smoking Nazis?
Apple Voiding Smokers' Warranties?
Posted by Soulskill on Saturday November 21, @10:17AM from the a-what-a-day-keeps-the-doctor-away dept.
Mr2001 writes
"Consumerist reports that Apple is refusing to work on computers that have been used in smoking households. 'The Apple store called and informed me that due to the computer having been used in a house where there was smoking, [the warranty has been voided] and they refuse to work on the machine "due to health risks of second hand smoke,"' wrote one customer. Another said, 'When I asked for an explanation, she said [the owner of the iMac is] a smoker and it's contaminated with cigarette smoke, which they consider a bio-hazard! I checked my Applecare warranty and it says nothing about not honoring warranties if the owner is a smoker.' Apple claims that honoring the warranty would be an OSHA violation. (Remember when they claimed enabling 802.11n for free would be a Sarbanes-Oxley violation?)"
For the Swiss Army folder
myBrainshark
Create, Share, and Track multimedia presentations with ease.
Also for the Swiss Army folder
VideoLobby Wants To Help You Create Your Own Custom-Branded Live Webcasts
by Jason Kincaid on November 20, 2009
Today at the RealTime CrunchUp we saw the launch of VideoLobby, a new service founded by Peter Urban that’s looking to make it easier to create professional-looking webcasts, complete with custom branding.
… The service doesn’t just make your page look nicer, though — it can automatically pull in comments from Twitter and Facebook, and also allows users to submit questions directly from the show’s page.