Archive

Archive for the ‘Data Loss’ Category

European Commission requests the UK to strengthen Data Protection Regulation…

June 28, 2010 Leave a comment

This week the European Commission requested the UK to strengthen its data protection legislation to align with the EU Data Protection Directive. Claiming the UK regulations offered less protection than those required under EU rules, the UK has two months to consider the opinion and respond with measures to bring them into line.

The EU highlighted the following points:

1. The ICO cannot monitor third party country data protection rules – assessments which should come before international transfer of personal information

2. The ICO can neither perform random checks on people using or processing personal data, nor enforce penalties following the checks.

The full writeup can be found on the Europe EU Law press release page.

Categories: Data Loss, Fines, Privacy Laws Tags: , , ,

4 Mechanical ways to destroy your data..

June 2, 2010 Leave a comment

I found this funny, and practical report by BBC News’ Rob Freeman on their Click Program.

Good watching if you’re in doubt as to how to dispose of those pesky old hard disks…

Categories: Data Destruction Tags: , , ,

Countrywide additional $600m class action..

May 9, 2010 Leave a comment

Following from the recent $20m class action suit against Countrywide Financial, they, and their owners Bank of America just got slammed with an additional $600m class action suit regarding improper practices.

Luckily, not related to any data breaches though.

Categories: Fines Tags: , ,

New China encryption rules won’t pose headaches for U.S Vendors?

May 5, 2010 Leave a comment

This week, Jaikumar Vijayan at Computerworld posted an interesting article about new Chinese rules designed to control the import of non-domestic encryption products.

Many people have infered that these new rules will mean products imported into China will be somehow compromised, or unsafe, because their details will have been released to the Chinese Government.

Nothing could be further from the truth.. Read more…

Categories: Cryptography, Encryption, Full Disk Encryption, Privacy Laws Tags: , , ,

Data Protection Projects – Where to start?

April 28, 2010 Leave a comment

One common question I get asked when I speak on Data Protection, is “what do I do first” – it’s interesting topic because although my presentation is exactly about what most people should do, and in what order, everyone and every organization is different and one size, absolutely does not fit all.

In my presentation I talk about “5 Steps to Data Protection Nirvana”: Read more…

Categories: Data Leakage Prevention, Mastercard/McAfee/SafeBoot/Intel, PHI, PII Tags: ,

Copiers give up secrets…

April 28, 2010 Leave a comment

This interesting report by CBSNews highlights the problem of not paying attention to how data leaks occur. CBS News worked with a small company who specialize in Digital Copier Security to show how easy it was to obtain sensitive data.

By simply going to a used copier supplier and buying 4 random machines at a cost of around $300 each (without knowing who their previous owners were), they were, within an hour able to retrieve thousands of page prints of sensitive data including: Read more…

Categories: Data Loss, PHI, PII Tags: , , , ,

I got a virus in my email? Me?!?…

April 27, 2010 Leave a comment
Today I received a very pleasant email from the “Student Support Center” of, I guess Hotmail? It seems I got a virus in my Helpdesk.edu account (funny, I don’t remember signing  up for it, but hey, I must have eh?).
If I respond to them with my user name and password, they will fix it for me. Thankfully, the password will be encrypted somehow magically when I reply to them.
Now, if I could only work out what my user name is…
Categories: Scams, Security/Exploits Tags: ,

Countrywide Financials Data Loss leads to $20m class action suite…

April 14, 2010 17 comments

Following on from the Countrywide Financial data breach back in 2008, they now find themselves saddled with a class action lawsuit for $20,000,000.

Countrywide Financials problems all started when employee Rene Rebollo confessed to downloading 20,000 data files per week and selling them to Wahid Siddiqi for as much as $70,000 (a total of 2.2 million people’s information was compromised), this leading to Bank Of America (their new owners) paying $350,000 to Connecticut to settle claims.

The terms of the class action can be found on http:\\www.cwdataclaims.com, but they include up to $50,000 reimbursement per incident of identity theft from a fund of $5,000,000, free credit monitoring, $90 for opening a new account, $20 per month, up to $200 for credit monitoring, $10 per hour for telephone calls etc, and many other miscellaneous things.

Categories: Fines, PII Tags: , , ,

I just won €650,000 in the Spanish Lotto!

April 13, 2010 2 comments

I know everyone will be happy for me, when I tell you I just got notification from the Spanish Lotto about my winning ticket. I must have bought the ticket when I was drunk, or jetlagged, because for the life of me I can’t remember buying it, but, I was in Madrid recently so it must be true.

See you all on the Costa del Sol! Read more…

Categories: Scams Tags:

TJX Hacker gets 20 years…

March 29, 2010 Leave a comment

Last week, Albert Gonzalez, the “brains” behind the TJX hack , Heartland Payment Systems, 7-Eleven and many other notable cybercrimes was sentenced to 20 years. Part of his punishment is the forfit of $1m he buried in his parents garden, a condo in Miami, a car, diamond ring and several expensive watches (Gonzalez was reported to have stolen $200m by some sources, much of which was returned).

The sentence was severe because some of the attacks were carried out while Gonzalez was working as a Secret Service informant, earning $75k per year.

You can read more on the BBC News website.

Categories: Fines, Privacy Laws