Archive

Archive for October, 2009

ChoicePoint fined an additional $275,000 for failures to have an effective security policy…

October 22, 2009 Leave a comment

Following on from my story on repeat data loss offenders, tho week ChoicePoint has been fined $275,000 by the FTC for failures to have an adequate data security program in place.  ChoicePoint lost the PII of 160,000 U.S residents in 2004 (which they were fined $15 million for), and another 13,750 in 2008 according to Grant Gross of IDG News Service.

Interestingly, this later breach could have been mitigated by a “key” electronic security tool they had in place to monitor the database, unfortunate for them though, it had been turned off. Read more…

Categories: Data Loss, Fines, PII Tags: ,

Hacking Exposed – Son of Scoop.pl

October 6, 2009 Leave a comment

After attending this mornings Hacking Exposed session at McAfee Focus 09, I was inspired to recreate Stuart McClure’s “Scoop.pl” script. I don’t have Python or Pearl installed on my machines, but I do have VBScript, and I do have Primalscript, so it seemed a simple thing to create this useful tool which helps you get the lowdown on what sites are present on a given URL. Read more…

Categories: Programming, Security/Exploits Tags: , ,

Repeat Data Loss Offenders…

October 1, 2009 3 comments

I was doing some data mining this week on the excellent DataLossDB.com site and it occurred to me to dig a little deeper into where the risky places to give your PII/PHI to are. I was hoping to find that some segments are cleaning up their act, but it seems not. The fact we’re seeing multiple entries by people could have two possible meanings: Read more…

Categories: Data Loss, PHI, PII, Privacy Laws Tags: , ,