June, the month with the most data breaches of 2011 so far
According to datalossdb.org, a site run by the Open Security Foundation that publishes the latest news on data loss and data breaches, the month of 2011 with the largest number of such incidents was June, when 90 cases were recorded.
The causes of these incidents were very diverse: from the ever-present theft of computers, laptops or hard drives and other portable devices, to fraud, hacking attacks, personal information disclosed on websites, viruses, documents thrown in the dustbin, etc.
The most significant breach in June was the one at Sony Pictures, when the LulzSec hackers accessed one million records of Sony clients in Belgium and the Netherlands.
Short Data Breach Disclosure Windows, Potentially Damaging to Consumers
We’ve all heard of the mind-blowing cases where it takes companies months and even years to disclose data and security breaches to their customers. They keep the information to themselves, run the investigations and only later release the details to their customers, the direct victims of the breaches. But apparently, blowing the whistle too soon is not a much better idea either, according to security experts.
The debate over which time frame helps customers and which rushed actions actually do more harm was started by the SAFE Data Act, a data breach law that is now making its way through US committees in an attempt to better regulate what happens when a company is affected by a data breach. The new law requires “companies and other entities that hold personal information to establish and maintain appropriate security policies to prevent unauthorized acquisition of that data.” If passed, it will also make it compulsory for breached companies to inform customers within 48 hours of discovering an incident.
Monday Endpoint Security and DLP Roundup #1
The weekend brings news of several security breaches, some showing a trend, others just containing very real warnings. As the week starts, here’s what you might have missed over the weekend, to keep you alert and informed. Today’s roundup brings you a few employees gone rogue on corporate data, sensitive information posted online, the ever-present stolen laptop once again, and quite a few of these mishaps happening in institutions related to health care.
A security breach that happened back in April finally surfaced and it involves South Australian DNA testing company Medvet. The mishap led to customers’ names, work and home addresses, and types of DNA testing kit ordered being exposed online and dutifully indexed by Google. Australia’s Privacy Commissioner Tim Pilgrim has already launched an investigation.
Employee goes home with 9,000 records of coworkers
An employee of the California Department of Health thought it would be a great idea to access and copy to a portable drive personal information belonging to 9,000 former and current state employees. The security breach discovered within the department involved names, dates of birth, and addresses stored in compensation records of the affected parties.
The California Department of Health is currently running an investigation on the scope and extent of the breach. In the meantime, the person responsible for the unauthorized removal of personal records from the institution is on administrative leave, answering all the questions needed to understand the incident.
Hacks and Stolen Hardware, Top Data Breach Causes
After analyzing the couple of dozen breaches that made it to the security news pages last week, we concluded that hackers going wild on websites and stolen hardware, particularly laptops, were the most frequent causes of data loss. The Citigroup breach did take center stage, as it turned out they downplayed the number of exposed accounts a little. By a little we mean they almost cut them in half! The originally disclosed 200,000 turned out to be 360,000. Just a minor oversight, I’m sure.
But the Citigroup situation was far from feeling lonely last week. Here are some of the security fails caused by successful hacking attempts and lost hardware:
Hackers breaching security
Workspace reported a hack that breached its legacy platform and exposed client data.
Hackers also breached WriterSpace.com, accessed 12,000 members’ email addresses and then posted them online for everyone to see.
BioWare also dealt with a hacker breaching their security. The result was 18,000 user account names, passwords, email addresses, and birth dates being exposed.
Loss or theft of hardware, still an important cause of data breaches in the health sector
Although there are measures that can be taken to prevent data breaches caused by employees and to involve personnel more in avoiding such occurrences, a lot of security mishaps are caused by staffers losing or misplacing company hardware, or having it stolen. Laptops, hard drives, USB sticks and other storage devices are being lost or stolen on a daily basis, exposing the private data of thousands of people to identity theft or fraud, and many of these incidents occur in the health sector.
Data Breaches Down, But Threat Still Real
According to Verizon’s DBIR (Data Breach Investigations Report) issued this year, the number of compromised records has fallen significantly in recent years, but there is still reason to remain vigilant. The numbers show a decrease from 144 million compromised records in 2009 to 4 million compromised records in 2010. The progress is even more significant if we take into consideration the progress since 2008, when 361 million records were compromised.
This study was conducted by Verizon along with the U.S. Secret Service (USSS) and the Dutch High Tech Crime Unit (NHTCU).
“With the addition of Verizon’s 2010 caseload and data contributed from the USSS and NHTCU, the DBIR series now spans 7 years, 1,700-plus breaches, and over 900 million compromised records,” said a post to the Verizon Business Security Blog that accompanied the report.
Automattic and WordPress.com Hacked
Servers belonging to Automattic, the company that maintains the WordPress.com platform, have recently been hacked, with the attackers gaining root access. The latest details regarding this breach, which is still under investigation, come from an advisory from Automattic. However, the initial findings are quite unsettling for the 18 million publishers hosted by wordpress.com.
“Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed,” the company’s founder, Matt Mullenweg, wrote. “We presume our source code was exposed and copied. While much of our code is open source, there are sensitive bits of our and our partner’s code. Beyond that, however, it appears information disclosed was limited.”
BP Loses Laptop With 13,000 Claimants’ Personal Data
A computer containing data belonging to Gulf residents who filed complaints after the oil spill was lost by a BP employee. Last week BP spokesman Curtis Thomas stated that letters were sent to roughly 13,000 people whose data was stored on the lost computer. The letters notify those affected of the potential data breach and offer free credit monitoring to those who request it. The missing device has been reported to law enforcement agencies.
According to Thomas, there is no evidence that the lost personal data was misused as of yet.
“We’re committed to the people of the Gulf Coast states affected by the Deepwater Horizon accident and spill, and we deeply regret that this occurred,” he said.
Data Loss Affects Personal Details of over 24,000 Laredo ISD Students
Thousands of current and former high school students in the Laredo Independent School District could become identity fraud victims after a disk holding the Social Security numbers of 24,903 individuals went missing, said the Texas Education Agency.
Suzanne Marchman, TEA spokeswoman, stated that the agency first became aware of the situation in January, when sensitive data from Laredo ISD was requested by officials with the University of Texas at Dallas’ Education Research Center.
The CD containing the information requested by TEA was sent to the William B. Travis Building in Austin, which houses the TEA. It was received and signed for, but never reached its intended recipient. Thus, numbers for thousands of 11th and 12th graders over multiple years have been lost, instead of being delivered to James Van Overschelde, the TEA’s former director of educational research.



