Friday, February 05, 2010

“We didn't waste any time or thought on security, but when it came to protecting our jobs no effort was spared.” No indication the records were encrypted or that ANY security process was followed.

http://www.databreaches.net/?p=9832

NY: Social Security loses a CD with personal info

February 4, 2010 by admin Filed under Breach Incidents, Government Sector, Lost or Missing, U.S.

Peter C. Mastrosimone reports:

A computer disc containing detailed personal information about 969 New Yorkers was lost by a Social Security Administration employee traveling to Queens from the Bronx back in late October.

Three months later, on Jan. 22, the agency sent out letters to those people, explaining the situation and assuring them that officials have not seen any questionable activity [Why would they? It's your information that was lost. Bob] that would lead them to believe anyone had found the disc and engaged in identity theft.

The Queens Chronicle learned of the situation last Friday, when a copy of the letter was faxed to the paper’s office.

[...]

The agency took three months to notify people of the mishap because officials wanted to determine how best to go forward, [This common management technique is known as CYA. Bob] according to Shallman.

“We regret that it took this long to notify people about the loss,” he said in an email. “It took time to thoroughly analyze and identify the loss and determine the best method of proceeding. In the meantime, as the letter states, we have reviewed Social Security records and found no inappropriate activity. We have no indication that any unauthorized individual has actually retrieved or used this personal information.”

The disc was lost as the employee was going to the Queens Social Security hearing office, and the information on it included administrative decisions, medical evidence and internal agency documents containing the people’s names and Social Security numbers.

Read more in the Queens Chronicle.



This went quite quickly. Have they learned what buttons to push?

http://www.databreaches.net/?p=9842

Heartland Payment Systems and Visa Inc. Announce Acceptance Rate of Over 97 Percent for Data Security Breach Settlement Agreement

February 5, 2010 by admin

From the press release:

Financial institutions representing more than 97 percent of eligible Visa-branded credit and debit cards have accepted the Alternative Recovery Offers they received pursuant to the settlement entered into by Visa Inc. (NYSE:V), Heartland Payment Systems® (NYSE: HPY) and Heartland’s sponsoring acquirers last month. This level of acceptance fulfills the 80 percent opt-in condition that was one of the requirements of the $60 million settlement. The settlement provides these issuers with a recovery from Heartland with respect to losses they may have incurred from the 2008 criminal breach of the payment processor’s payment system network.



What a great time to be born!

http://science.slashdot.org/story/10/02/05/0440247/Routine-DNA-Tests-For-Newborns-Mean-Looming-Privacy-Problems?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Routine DNA Tests For Newborns Mean Looming Privacy Problems

pogopop77 writes

"CNN has an interesting story about how newborn babies in the United States are routinely screened for a panel of genetic diseases. Since the testing is mandated by the government, it's often done without the parents' consent. However, many states store that DNA information indefinitely, and even make it available to researchers with little or no privacy safeguards. Sometimes even the names are attached! Here is information on state-by-state policies (PDF) of the handling of the DNA information."



I'm not sure if this is a Privacy story or an economic stimulus story. Do they hire students with cameras to roam the malls?

http://searchengineland.com/google-maps-to-add-google-store-views-35153

Google Maps To Add “Google Store Views”



Does this de-cloudify the cloud?

http://www.fanboy.com/2010/02/vint-cerf.html

Vint Cerf Scares Web Dudes by Mentioning Time-sharing

Posted by Michael Pinto on Feb 4, 2010

When everyone started talking about the cloud my first thought was “isn’t this a throwback to mainframe computers from a pre-PC era when dumb terminals always needed to dial in?” So I was blown away to watch this video of Vint Cerf (who has been credited as the father of the Internet) suddenly mention mainframe time-sharing in the middle of a chat on cloud-to-cloud operability. It’s also interesting to hear that Cerf feels that it will take about five years for real standards to occur that allow one cloud to share data with another. By the way, it’s interesting to note that Google now employs Cerf, which is quite a coup.



Interesting. Does this suggest that Microsoft has copyrighted ways to defeat forensic examination?

http://www.thetechherald.com/article.php/201005/5186/Microsoft-hits-DECAF-with-DMCA-take-down-notice

Microsoft hits DECAF with DMCA take-down notice

by Steve Ragan - Feb 4 2010, 17:00

DECAF, an application that defends a system from forensic tools such as EnCase and Helix, as well as Microsoft’s COFEE, earned a good bit of attention towards the end of 2009. Apparently, it earned too much attention, because after the initial hype died down, Microsoft finally acted and served the team behind DECAF with a DMCA notice, causing their hosting provider to pull their site.



Not the clearest description of what is occurring here, but you get the idea. The perfect place for unscrupulous lawyers (is that redundant?)

http://yro.slashdot.org/story/10/02/05/0427205/Lord-Lucas-Says-Record-Companies-Blackmail-Users?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Lord Lucas Says Record Companies "Blackmail" Users

Posted by timothy on Friday February 05, @02:02AM from the lord-timothy-yields-his-time dept.

Kijori writes

"Lord Lucas, a member of the UK House of Lords, has accused record companies of blackmailing internet users by accusing people of copyright infringement who have no way to defend themselves. 'You can get away with asking for £500 or £1,000 and be paid on most occasions without any effort having to be made to really establish guilt. It is straightforward legal blackmail.' The issue is that there is no way for people to prove their innocence, since the record company's data is held to be conclusive proof, and home networking equipment does not log who is downloading what. Hopefully, at the very least, the fact that parliament has realised this fact will mean that copyright laws will get a little more sane."



This story misses the point. You are signed up when you click – not by specifically purchasing the “services”

http://games.slashdot.org/story/10/02/05/0737210/GameStop-Other-Retailers-Subpoenaed-Over-Credit-Card-Information-Sharing?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

GameStop, Other Retailers Subpoenaed Over Credit Card Information Sharing

New York State's Attorney General, Andrew Cuomo, has subpoenaed a number of online retailers, including GameStop, Barnes & Noble, Ticketmaster and Staples, over the way they pass information to marketing firms while processing transactions. MSNBC explains the scenario thus: "You're on the site of a well-known retailer and you make a purchase. As soon as you complete the transaction a pop-up window appears. It offers a discount on your next purchase. Click on the ad and you are automatically redirected to another company's site where you are signed up for a buying club, travel club or credit card protection service. The yearly cost is usually $100 to $145. Here's where things really get smarmy. Even though you did not give that second company any account information, they will bill the credit or debit card number you used to make the original purchase. You didn't have to provide your account number because the 'trusted' retailer gave it to them for a cut of the action." While there is no law preventing this sort of behavior, Cuomo hopes the investigation will pressure these companies to change their ways, or at least inform customers when their information might be shared.



Beware the posturing politician.

http://yro.slashdot.org/story/10/02/04/1847254/House-Overwhelmingly-Passes-Cybersecurity-Bill?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

House Overwhelmingly Passes Cybersecurity Bill

Posted by timothy on Thursday February 04, @02:00PM from the critical-mass-of-buzzwords dept.

eldavojohn writes

"The Caucus, a NY Times Blog, is reporting on the overwhelming majority vote (422 yeas) the House gave a new cybersecurity bill. The Cybersecurity Enhancement Act, H.R. 4061 has a number of interesting provisions. Representative Michael Arcuri, a Democrat of New York who sponsored the bill called cybersecurity the 'Manhattan Project of our generation' [“Without the budget or science or all that other stuff politicians don't understand.” Bob] and estimated the US needs 500 to 1,000 more 'cyber warriors' every year in order to keep up with potential enemies. The new bill 'authorizes one single entity, the director of the National Institute of Standards and Technology, to represent the government in negotiations over international standards and orders the White House office of technology to convene a cybersecurity university-industry task force to guide the direction of future research.'"



Resource: The video equivalent of Twitter's 140 character limit? “Attention” was once the goal of Internet sites, but that attention span has shortened dramatically.

http://www.techcrunch.com/2010/02/03/5min-rules-the-how-to-video-space/

5min Rules The How-To Video Space

by Leena Rao on February 3, 2010

We recently wrote about the traction that how-to video site and producer Howcast is seeing online. But there’s another information and how-to video startup that is dominating the space: 5min. The company is a syndication platform for instructional, knowledge and lifestyle videos, both professionally produced and user-generated. The service’s video library boasts 150,000 videos across a variety of categories (e.g. food, health, home and garden), submitted by media companies and independent producers from around the world.


(Related) Attention spans are shrinking due to Global Warming! Notify Al Gore at once!

http://news.yahoo.com/s/pcworld/20100204/tc_pcworld/bloggingisoutfacebookisinstudyfinds

Blogging Is Out, Facebook Is In, Study Finds
