Laptop With Anheuser-Busch Employees’ Private Data Stolen
Global beverage company Anheuser-Busch has recently released information on the theft of a laptop containing private records of current and former employees. The theft took place in June at an office from the St. Louis area.
Tim Farrell, the company’s vice president for corporate human resources, quoted by DailyPress.com said Anheuser-Busch sent letters to an undisclosed number of employees and ex-employees letting them know what had happened. As the stolen laptop contained Social Security numbers, home addresses and marital status, the company also offered a year of free credit reporting. According to the same source, the private records stored on the stolen computer was password-protected and encrypted.
Banks Prefered by Fraudsters in 2008
It looks like fraudsters have a thing for banks and have been showing this affinity in the first six months of the year. This is the conclusion of the latest Fraud Barometer released KPMG Forensic’s.
According to the barometers quoted by CRN UK, fraud has increased by 50 percent, generating 630 million pounds for fraudsters. Banks toped in losses, reporting a record amount of 350 million, with 128 fraud cases coming to court. The most frequent types of fraud were mortgage fraud, and accounting and employee frauds.
KPMG also released dark predictions for the future, stating that the figures they released are most likely to get worse, one of the causes being the full impact of the credit crunch.
Stay Clear of Computer Threats on Vacation and Business Trips
And how exactly can you do that? CoSoSys has just released version 3.0 of Carry it Easy +Plus which focuses on increased security for security for USB flash drive users that access their data on public PCs like in internet cafés or hotel business centers.
Carry it Easy +Plus 3.0 has a whole range of features on display that are great for road warrior or the luckier ones of us who are vacationing: Website Password Manager, PC-Screen Lock128 bit AES data encryption, Outlook e-mail, contact and calendar sync, File & Folder Sync, No Trace Internet Browsing and much more.
So why do you need such tight security? The official release explains it:
When vacationing or travelling for business, the simplest technology-bound actions on your daily routine can expose you to real threats. Accessing your webmail account in an Internet café or on a different public PC you might run across in hotel business lounges or in airports exposes you to having your login credentials stolen by keyloggers or other malicious applications. The same can happen when plugging in your notebook in an unsecured network.
With the new SafeLogin feature in Carry it Easy +Plus as your password manager, all your website login credentials are stored securely in encrypted format on your portable storage device and automatically entered on any PC without the use of a keyboard. This feature does not only make logging in secure but also more convenient.
US Federal Agencies Welcome Data Theft
After 15 months of investigation into 24 major US federal agencies, the Government Accountability Office (GAO) has release a report showing that key US Departments still don’t take data security seriously. Given the list of breaches we’ve been covering affecting everyone from colleges and hospitals to the US Army, I’d say it’s high time they started!
According to the report quoted by Vnunet.com, around 70 percent of laptops and handhelds used by agency failed to comply with Office of Management and Budget (OMB) rules and didn’t use encryption making the data available to anyone intending to steal it. The OMB rules are not even close to being new, as they decided all federal laptops should be encrypted back in 2007.
“We are recommending that OMB clarify governmentwide encryption policy to address agency efforts to plan for and implement encryption technologies,” said the report.
“We are also making recommendations to selected agencies to properly install and configure FIPS-compliant encryption technologies, to develop policies and procedures to manage encryption, and to provide encryption training to personnel.”
Other practices of extremely low levels of security (or should we say non-existent security) include Nasa employees refusing to deploy encryption software on their laptops and members of the Department of Education who weren’t told encryption software was installed so they of course weren’t using it. From what I know if they’re using Windows, whenever a new program is installed, you have a quite nagging message in your Startup Menu. How patient must one be to simply ignore it over and over again 
Hackers Looking to Chat or Spam Expose 2,800 to Identity Theft
Another security breach involving a college has recently been reported. While trying to set up chat rooms or establish a spam sending headquarters from themselves, a group of hackers broke into a library consortium that serves Connecticut College, Trinity College and Wesleyan University.
According to consortium sources quoted by Courant.com, the two breached servers were ocated at the consortium’s headquarters at Wesleyan and were used to store a database belonging to all three colleges. The database included the names, addresses and Social Security or driver’s license numbers of about 2,800 Connecticut College library patrons, 12 Wesleyan University patrons and three from Trinity.
There’s no evidence that personal information was stolen, but affected individuals will be mailed letters with information on how to enroll in an identity protection service. All personal information has been deleted from the database and steps were taken to secure the servers.
Slim Risks, yet HCC Still Warns of Lost Data
Hillsborough Community College programmer’s laptop stolen from a hotel parking lot in Georgia rises identity theft concerns. All the private records the laptop used to contain on about 2,000 HCC employees has previously been deleted and the computer is password-protected, yet fears of someone with sophisticated software retrieving the data made HCC take action.
Spokeswoman Ashley Carl told Tampa Bay Online that the programmer had been working on a payroll project for a group of employees using their names, bank-routing numbers, retirement information and Social Security numbers but had subsequently deleted the data and also emptied the Trash bin.
The college also is looking into acquiring technology that will allow workers to remotely locate laptops and to encrypt computers or disks. In addition, it stressed to employees who use laptops to use extra caution when securing the devices.
HCC officials announced all their potentially affected employees of the threat and advised them to closely monitor their bank accounts. This was indeed a speedy and rather thorough reaction from HCC, especially since their determined to prevent future incidents by deploying and endpoint security solution along with enforcing other IT security policies.
Potential Breach Affects 128,000 Saint Mary Patients and Clients
Saint Mary’s Regional Medical Center has recently released information about a potential data breach involving one of its databases. The database in question was used Saint Mary’s health education classes and wellness programs contained private records of about 128,000 patients and clients.
The personal information contained details such as names and addresses, limited health information and some Social Security numbers. According to a statement made by Gary Aldax, marketing manager for Saint Mary’s and quoted by RGJ.com, the database did not contain medical records or credit card information.
“What happened was that an unauthorized person may have accessed the database,” Aldax said. “We’re currently working with Equifax, which is one of the three major credit agencies, to help handle this for us.
“In some cases, there were people who had their Social Security numbers (in the database) as well, so we’re sending different letters to people depending on their situation.”
Saint Mary’s has emailed all those potentially affected this month, warning them about the threats they might be exposed to.
Computer Tapes with over 20,000 Social Security Numbers Lost
Several computer backup tapes containing thousands of social security numbers of Tinley Park residents have been lost during a common moving procedure aimed to insure they wouldn’t be destroyed in a village hall disaster.
According to the Chicago Tribune, officials doubt there’s any real chance of identity theft, as the tapes contained 15 year old information. Village Manager Scott Niehaus said letters describing the incident will be sent out to about 19,000 residents and another 1,400 current, former or retired village employees.
Private Data on 300 Vets Stolen along with Backup Server
Burglars breaking into the Minneapolis Veterans Home stole a backup computer server containing private records of over 300 residents. The server stored telephone numbers, addresses, next-of-kin details, social security numbers and other private medical details or the 336 residents, according to the statement of an official with the Minnesota Department of Veterans Affairs quoted by StarTribune.com.
It appears the burglars broke into the facility early on a Sunday. According to Gil Acevedo, deputy commissioner for Veterans Health Care, the thieves also took a tool kit, a laptop computer, a guitar and a computer game, and are unlikely to have targeted the private records.
“We don’t suspect the burglars came in looking for that specifically,” he said. “They broke in, kicked in several doors, and took a series of things. There’s no pattern.”
The case is currently investigated by the Minneapolis police together with the Veterans Affairs department. The residents, their families and credit bureaus have all been informed of the data theft in order to prevent subsequent identity theft and fraud attempts.
Secuirty Threat Caused by Lost USB Sticks
Yet another data breach caused by lost hardware has been reported by a governmental institution. The U.K.’s Ministry of Defence (MoD) has released information on 121 USB sticks, including five containing classified information that have been lost or stolen since 2004.
As reported by DarkReading, these troubling figures became public four years later in response to an official question from Sarah Teather, a Liberal Democrat Member of Parliament. They are the latest yet not the only embarrassing breach involving the UK government. The MoD’s missing USBs come after the loss of two disks containing welfare private data on 25 million U.K. citizens and loss of an extensive number of laptops and mobile phones.
“Far from the problem getting better, it seems actually to be getting worse at the moment,” said Teather. “I think that the government has a duty to come clean and say whether or not anyone has been put at risk as a result of this – we need reassuring, for example, that none of our troops have been put at risk.”
The British government’s latest storage snafu comes less than a year after Her Majesty Revenue and Customs (HMRC), which is the U.K’s equivalent of the IRS was at the center of the country’s largest ever data loss.
This recent events begs a mind blowing question: how many such breaches actually happened but were never released to the public? And how long would it have taken until UK authorities informed the public on these national security breaches if there hadn’t been a formal inquiry?
