Endpoint Protector Appliance: Stop data theft on Windows and Mac

Stolen laptop and flash drive expose 7,000 to data theft

February 1st, 2012 by Agent Smith (0) Data Theft & Loss,Identity Theft

The Kansas Department on Aging has recently reported a hardware theft that caused a data breach affecting about 7,000 of its customers. A laptop, a flash drive and paper files were stolen out of an employee’s vehicle, putting thousands of senior customers at risk.

The stolen files contained personal and protected health information belonging mainly to customers located in Sedgwick, Harvey, and Butler counties. The theft was immediately reported to the Wichita Police Department. The Kansas Department on Aging says it is cooperating with the police, but the stolen hardware has not yet been recovered. Read more

Zappos and Amazon face consequences of data breach

January 24th, 2012 by Agent Smith (0) Data Theft & Loss,Identity Theft,In the News

When you are the lead artist of a security mishaps that ended up in a data breach affecting some 24 million people, consequences are bound to catch up with you. And they just have caught up with shoe retailer Zappos.com and the bigger online fish behind them, Amazon.com. The two companies are being sued by the customers affected by the data breach, being accused of negligence.

A woman from Texas seems to be the main promoter in this Kentucky lawsuit. She claims that she and millions of other customers were harmed by the exposure of their personal account information. Zappos and Amazon have not commented on the lawsuit as of earlier today.  Read more

Security audit reveals Department of Taxation internal breaches

December 18th, 2011 by Agent Smith (0) DLP,endpoint security

The US Department of Taxation (DOTAX) decided to take a closer look at how their systems work this year. The process of evaluation included a security audit which lead to discovering internal security breaches dating back to 2008. DOTAX celebrated the three years of undiscovered breaches by putting employees of the Hawaii DOTAX on administrative leave without pay and starting a comprehensive investigation.

Device Control for Windows and Mac

The breaches affected the Department’s computer tax database but no one knows when they occurred, it is suspected they happened at least as far back as 2008.The discovered incidents were immediately turned over to the Department of the Attorney General for review and investigation. Read more

Steam hit by hackers. Are all their 35 million user accounts breached?

November 14th, 2011 by Agent Smith (0) Data Theft & Loss,Identity Theft,security breach

Almost two weeks ago, we revealed the major changes that had happened this year in the major data breaches top of all times. 2011 was leading in what the number of high profile of breaches is concerned. The top might change once more, ensuring an even stronger position for the current year as hackers hit Steam, a gaming giant that is home to 35 million user accounts.

What we know so far is that the Steam customer data base has been indeed accessed by hackers.

“We learned that intruders obtained access to a Steam database in addition to the forums,”  said Gabe Newell, co-founder and managing director of Steam parent company Valve. “This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.”

Read more

2011 Brings Major Changes in the Biggest Data Breaches of All Times Top

November 1st, 2011 by Agent Smith (1) Data Theft & Loss,endpoint security,security breach

While data breaches are as common as any other daily occurrence in the business and individual worlds, the large security incidents don’t happen as often, especially if you think that one of the breaches in the top ten all time largest data exposures dates back to 1984. 2011 is not yet over and it already is the poster child of this top we all want to see unchanged.

2011 is the only year with three major data loss incidents in the top ten: Sony Corporation with 77 million records exposed, SK Communications, Nate, Cyworld with 35 million and again Sony Corporation through their Sony Online Entertainment division with close to 25 million records exposed. Luckily for us, although it featured large incidents, 2011 did not create as many victims as 2009 with its two incidents, Heartland Payment Systems, Tower Federal Credit Union, Beverly National Bank which share the number one position in the infamous top with 130 million records exposed and RockYou Inc. with another 32 million.  Read more

Hackers Target Sony Once More, Thousands of Customer Records Exposed

June 3rd, 2011 by Agent Smith (0) Data Theft & Loss,Identity Theft,security breach

After the hacking of the PBS network website, Sony’s movie division website was also hacked and at least 50,000 consumer email addresses have published. A group called LulzSec has claimed responsibility for the attack and stated the security breach was made possible by an existing SQL vulnerability.

“What’s worse is that every bit of data we took wasn’t encrypted,” the group wrote in a press release announcing the hack. “Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it.” Read more

Stolen Laptop Could Contain Private Medical Data of 20,000 Individuals

May 11th, 2011 by Agent Smith (0) Data Theft & Loss

A computer that may contain personally identifiable information of almost 20,000 Reid Hospital patients was stolen from an employee’s home office in early April. According to Craig Kinyon, CEO/President of Reid Hospital, the laptop was only one of the items stolen in a break in, this indicating that data was not the objective of the theft.

Endpoint Security and Device Control Solutions with low TCO and great ROI.

The computer in question might have been storing reports on Medicare and Medicaid patients that have received treatment and medical services between 1999 and 2008. The reports contain names and Social Security numbers, as well as Medicare numbers.

No information stored after 2008 was stored on the stolen device. Nor were any financial information, banking information or other identifying information stored on the missing notebook.

Former employee gets home detention for breaching employer email system

March 1st, 2011 by Agent Smith (0) Data Theft & Loss,endpoint security,security breach

Inside threat is kicking and screaming and far from being gone from the corporate security world. Upset over being fired, a Californian woman breached the email system of her former employer and posted confidential documents to public websites. She got caught and the sentence was 60 days of home detention plus  ayear of probation for the one count of felony computer intrusion that 44 year old Ming Shao pleaded guilty to.

In her plea, the woman admitted to a value of the stolen information belonging to PanTerra Networks(which included a Weekly Ops Report) ranging between 10,000 and 30,000 US dollars. She admitted to have breached the PanTerra network and exposing the confidential files as a form of revenge for being fired in August 2009. Read more

Facebook fixes data theft issue

February 4th, 2011 by Agent Smith (0) Data Theft & Loss,security breach

A security problem that allowed malicious web sites to access personal user information without their explicit permission has just been fixed by Facebook. This flaw has been reported by Rui Wang and Zhou Li, two student researchers.

According to Graham Cluley, senior technology consultant at Sophos, the security lapse could let malware spread between users,and abuse data as it goes by impersonating a legitimate site that already has the permission to take information.

“According to Wang and Li, it was possible for any web site to impersonate other sites which had been authorised to access user data, such as name, gender and date of birth,” he said. “Furthermore, the researchers found a way to publish content on the visiting users’ Facebook walls under the guise of legitimate web sites, a potential way to spread malware and phishing attacks.” Read more

Data Breach affecting ALDI stores’ payment terminals

October 8th, 2010 by Agent Smith (1) Data Theft & Loss,Identity Theft,security breach
Between June 1 and August 31 2010 illegal payment card terminals have apparently been placed in several ALDI stores by unauthorised individuals in order to obtain secured information. With the help of these terminals, private information such as name, card account and PIN number have been acquired.

According to ALDI sources, terminals in the following areas have been affected: Read more