Self-encrypting laptop from Dell

November 13th, 2008 by Agent Smith (0) DLP, Data Encryption, IT security, encryption schemes, endpoint security

One of the most common causes of security breaches is stolen hardware. And I’m sure you’ve all heard of the thousands and thousands of laptops stolen in airports, from parking lots and other public places. And as most companies fail to implement a comprehensive endpoint security solution, a stolen laptop means trouble. For the end users, a laptop sometimes stores most of their documents, personal and business, memories from trips and other important events and everything that is private and dear to them. Picturing everything lost to a stranger’s hand is hard to cope it.

Dell states there’s a new way to prevent such bad things from happening: a self-encrypting laptop. Your data is still lost, but at least no one can acess it. The drives with self-encryption features are produced by Seagate and embedded in the new Dell product. And apparently, the Seagate hardware will soon be shipped by IBM and LSI as well. Let’s hope no one breaks the encryption system!

Data Breach Effects: Advice on How to Rebuild Credit Ratings

October 13th, 2008 by Agent Smith (1) Data Loss, Data Theft, IT security, Identity Theft, Laws & Standards, fraud, online fraud, security breach

As more and more data breaches are revealed and debated online, the number of victims of such incidents increases. From never-ending sales calls to having items charged on your card to seeing credit ratings go down the drain to identity theft, these people are the ones who feel the most powerful consequences, not the companies where the breaches occur.

So what are these people to do to protect themselves and get back to how things were? In what credit ratings are concerned, UK victims are advised to use the Data Protection Act to rebuild them. According to E-Victims org, a former support group for cybercrime victims quoted by the Register, even after establishing fraud and absolving themselves of liability to fraudulent debt, data breach victims still have poor credit ratings.

As credit agencies rely on data from lenders, not on corrections communicated by those who borrow money, the organization says the Act could be used to force lenders to correctly communicate the status of fraud and data breach victims. Otherwise, even if they get a new credit, victims of such breaches will still have to pay higher interest rates. The Register also directs victims to a factsheet published by E-Victims.org aimed to help them with their credit reports.

2008: Sky is the Limit for US Data Breaches

September 6th, 2008 by Agent Smith (0) DLP, Data Leakage, Data Loss, Data Theft, IT security, Identity Theft, Research and Studies, security breach

The year is not even close to being over and the data breaches reported in the US have surpassed exceeded the number of such incidents reported for 2007, says San-Dieg based Identity Theft Resource Center. And while these numbers amaze and worry us, we should keep in mind the same ITRC admits the number might be higher as some breaches are never reported.

In the first 8 months of 2008, 449 US businesses and government agencies have reported either lost or stolen data. These breaches resulted in compromised data on over 22 million individuals. Wonder what the real numbers are, considering the unreported or half-disclosed breaches. ITRC estimates that about 40% of such cases are somehow beautified or kept quiet.

In a statement quoted by the Register, ITRC founder Linda Foley thinks the large numbers reported are also due to companies being more open about admitting data breaches rather than to an increase in data thefts and losses.

“If more states would publish breach notification lists, there would be more information to study and to help us understand this growing concern,” she said. “At this time, only three states publish such information. Additionally, more companies are starting to audit their security and network systems and use readily available security measures. This pro-active approach means that breaches are being identified that might otherwise have gone undetected.”

Be it openness or more frequent breaches, the real numbers are scary. I for one am really not looking forward for next year’s reports :)

Countrywide Employee Arrested For Stealing Customer Private Data

August 5th, 2008 by Agent Smith (24) DLP, Data Loss, Data Theft, IT security, In the News, endpoint security, security breach

Californian FBI agents have recently arrested a Countrywide Financial Corp. employee suspected to have stolen personal information about the home mortgage lender’s customers. This new negative event puts a whole new pressure on the company who has been severely affected by the current lending crisis and has also been investigated for fraud.

According to a Computerworld article, Rene Rebollo who was a senior financial analyst for Countrywide Home Loan’s subprime mortgage division, accessed customer data through his work computer and saved it onto flash drives that he then took out of the company. According to the FBI, Rebollo admitted three months ago to have given the private information to third parties. Another man accused of having bought the stolen data was also arrested along with Rebollo.

How much money did Rebollo make from selling the data? Not nearly enough to compensate the minimum 5 years he could spend in jail: 50,000 to 70,000 dollars! Countrywide is now analyzing if he has really exposed the identity of customers and if this is the case, all those affected will be notified.

It would be interesting to see a subsequent analysis of how much Countrywide lost in this affair. But it is hard to determine the costs of a bruised image and shattered trust in the company.

Brand New Security Breach Reported by the US Army

July 21st, 2008 by Agent Smith (1) DLP, Data Leakage, Data Loss, Data Theft, IT security, Identity Theft, In The Spotlight, In the News, endpoint security, security breach

Ever since 2006, several cases of exposed sensitive data surrounding the US Army have kept the newspapers busy. A new such case has recently hit the papers, when a laptop computer was reported stolen from an Ary employee’s truck. The laptop contained personal information on about 900 soldiers from Fort Lewis. The information was released by Lacey police officials and quoted by The New Tribune.

As the theft might expose the Army employees to identity theft risks, the involved soldiers have been notified of the breach, said a post spokeswoman. According to Army officials, the employee, a civilian military personnel specialist, from whom the laptop has been stolen appears to have violeted Army standards and policies for protecting personal information and government property.

The Army is assisting Lacey police with the theft investigation and conducting its own review, said Catherine Caruso, a Fort Lewis spokeswoman.

“We’re not releasing anything more about what information was inappropriately compromised or about the soldiers whose information was involved,” Caruso said. “Clearly it was personal information regarding 800 to 900 soldiers from Fort Lewis. Beyond that, we’d rather not specify.”

« Previous Entries
© Endpoint Security Info 2008. Wordpress Theme by Arcsin

blogarama - the blog directory Technology Blogs - BlogCatalog Blog Directory Blog Directory Find Blogs in the Blog Directory
valid CSS valid XHTML