Data Privacy Day is an initiative of the National Cyber Security Alliance started in 2008 in United States and Canada. Now it is celebrated also in Europe and its purpose is to raise awareness among Internet surfers, social media fans, online gamers, online shoppers…so pretty much all of those who use the Internet, about the importance of their personal information privacy.
We are big fans of data security, so we encourage you to do the following for at least one day OR starting from today:
1. Stop sharing so much personal information on your Facebook, Twitter, Google +, etc. account. Hackers can use that information and you might find out one day your online identity is robbed, your passwords don’t match anymore, or even worse, your bank account is empty. Not to mention the creepy stalkers outside your house, who, of course, found out where you live from Facebook…
2. Change your passwords and do not assume that using the same strong password on all your online accounts is enough. Use alphanumeric passwords, but not “pasword1234″.
3. Use a special card for online transactions. There are options like disposable cards, or weekly withdrawal limits you can set with your bank.
4. Encrypt your data on USB sticks or other portable storage devices. Losing such a small device where you surely have important data is very frustrating. At least no one will be able to access your data once they find your USB stick.
5. Don’t forget about your mobile devices: smartphones and tablets. They need protection as much as your laptop or desktop does. Don’t download suspicious apps and use AdBlock software to avoid annoying popup ads that could also carry malware.
This is it from us, but the guys from National Cyber Security Alliance have more advices and you can find them on:
The Kansas Department on Aging has recently reported a hardware theft that caused a data breach affecting about 7,000 of its customers. A laptop, a flash drive and paper files were stolen out of an employee’s vehicle, putting thousands of senior customers at risk.
The stolen files contained personal and protected health information belonging mainly to customers located in Sedgwick, Harvey, and Butler counties. The theft was immediately reported to the Wichita Police Department. The Kansas Department on Aging says it is cooperating with the police, but the stolen hardware has not yet been recovered. Read more
A data breach affecting 1.8 million customers of two New York utilities companies has recently been made public by the New York State Public Service Commission. The investigation into this data breach was initiated after an employee from a third party IT company contracted by New York State Electric & Gas (NYSEG) and Rochester Gas and Electric (RG&E) was given unauthorized access to the company’s databases.
It is not clear if accessing the customer databases had any malicious intent, both affected companies claiming there was no proof of any data having been misused as a consequence of the breach. But, to stay on the safe side, they have decided to send out notifications regarding the data access, as it exposed Social Security Numbers, dates of birth and financial account information, as shown in the official press release sent out by the NY Commission. Read more
Mid-August seems to have been the perfect time for a fresh increase in hacking incidents that lead to sensitive data being lost or exposed. Maybe the security incidents have been powered by all the news on Anonymous and LuizSec of late, or maybe companies still don’t know what they’re facing. The truth is the simplest hacks seem to get straight to the sensitive information they store on their projects, their partners and mostly their clients.
The first such incident targeted Epson Korea, where a website hack managed to compromise the details of about 350,000 customers. The data accessed by hackers included names, user IDs, passwords and resident registration numbers. Read more
The Alaska Department of Education and Early Development issued a warning for school districts across the state announcing that a computer hard drive containing information on 90,000 students was stolen from Juneau.The Juneau Police Department is currently investigating the theft.
“Alaska law requires government agencies that collect personal information to notify you if your information is lost or stolen,” Commissioner Mike Hanley wrote in a news release. “This theft has unfortunately resulted in the release of some of your personal information to an unauthorized third party.”
Personal information such as names, birth dates, id numbers and more could have been accessed with the help of the stolen equipment. Read more
Printed, stored on computers or on flash drives, your data is just not safe. Your personal details that you entrust to companies you work with, doctors and other third parties will just end up exposed. If you are lucky enough, they might get in the hands of someone who won’t use your address, social security number or card details to harm you on their quest to get fast and easy money. If you’re unlucky, your accounts will just turn empty one day, your identity will be used to commit felonies or crimes and you will have years of paperwork and bad credit records in front of you.
Let’s check the recent data breach news. We have a stolen computer that contained names, ages, addresses and medical conditions of 700 children. Next come rushing in: backup tapes and other media containing cord blood bank customer information stolen from car, which ended up exposing about 300,000 records; and 113 patients’ names and Medicare numbers on a document stolen from a vehicle… Read more
Four women living in the Waco area have been charged and arrested as a result of their conspiracy to commit identity theft. They have developed a scheme scheme involving stolen Fingerprint Applicant Services of Texas (FAST) applications required by licensing and certification entities such as the Texas Education Agency.
A seven count federal grand jury indictment, that was unsealed yesterday afternoon, charges 32-year-old Angela Cuellar, 38-year-old Yolanda Ramos, 33-year-old Diane Rivera and 29-year-old Christine Elifritz with one count of conspiracy to commit identity theft. Angela Cuellar has also been charged with six substantive aggravated identity theft counts while Elifritz and Ramos, with only one aggravated identity theft count. Read more
Graves also changed the home addresses of bank customers to New York addresses in order for Reid to be able to retrieve the goods she had purchased from high end retails stores, using the stolen accounts. Read more
Panic grows among 7,000 students that are attending City College of New York as this week they have been notified by the school’s officials that a laptop theft may cause public exposure of their private details, including names and social security numbers.
The computer was stolen a couple of weeks ago, according to a post published by the Educational Security Incidents (ESI) blog. The data of the computer was not encrypted, but only password protected. CCNY officials found no evidence that any of the data has been used for identity theft or other illegal endeavors. Read more
New York-based Lincoln Medical and Mental Health Center is the center of attention in security news after exposing sensitive patient information. The lost data was the result of a failed FedEx delivery – CDs with unencrypted data was sent to the Center but never made it to its destination.
The lost data included medical and psychological diagnoses and procedures for over 130 000 patients, as stated in an official notification. An investigation trying to locate the missing CDs was launched back in April, but it failed to recover the data: names, addresses, social security numbers medical record numbers, dates of birth and more, enough for any half-decent identity thief to have a blast.
According to the Register, Licoln is at least note alone in this mess:
Lincoln’s notification to the US Department of Health website came the same day officials at the University of Maine said sensitive details for 4,585 individuals who sought services at the school’s counseling center have been stolen by hackers who compromised two servers. The exposed data included names, clinical information and social security numbers for people who used the service over an eight-year span ending last week.
Other medical facilities to fess up to losing patient data in the past 24 hours, according to the Department of Health website, include Silicon Valley Eyecare Optometry and Contact Lenses, with 40,000 people affected, Kentucky’s Our Lady of Peace Hospital, with 24,600 affected, and the Cincinnati Children’s Hospital Medical Center, which affected 60,000.