The Pentagon finally confirms the most significant breach of US military computers ever

August 26th, 2010 by Agent Smith (0) In The Spotlight,Malware Infections,security breach

The Pentagon has finally confirmed a security breach that happened back in 2008 and which one of their top officials has described as “the most significant breach of U.S. military computers ever.” The breach was caused when a foreign intelligence agent used a flash drive to infect US military computers, including those used by the Central Command to oversee combat zones in Iraq and Afghanistan.

The device in question was a cigarette-lighter-sized flash drive which was plugged into an American military laptop from a base in the Middle East amounted to “a digital beachhead, from which data could be transferred to servers under foreign control,” according to William J. Lynn 3d, deputy secretary of defense, quoted by the New York Times

“It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary,” Mr. Lynn wrote. Read more

Montefiore Medical Center: two computer thefts expose well over 23,000 private records

August 18th, 2010 by Agent Smith (0) Data Theft & Loss,Identity Theft

Two recent thefts of desktop computers belonging to the Montefiore Medical Center lead to the exposure of sestive information on patients and students stored by Montefiore’s Finance Department and School Health Program Administrative Offices.

The first incident happened in late May when two desktop computers were stolen from Montefiore’s Finance Department. The theft was discovered a couple of days later. Montefiore assessed the incident and concluded patient information had been stored on the computers, including patient names and medical record numbers. For some patients, the data stored also included social security numbers, dates of birth, hospital admission dates and/or insurer information.
Read more

Lost thumb drive leads to potential data breach

July 29th, 2010 by Agent Smith (0) Data Encryption,Data Theft & Loss

A thumb drive containing personal data of current and past graduate medical education residents and fellows at Cooper University Hospital has recently gone missing. Lost around July 8th, the incident has been reported to the proper authorites a few days later who are now looking into the potential security breach only two weeks later.

According to hospital sources, the lost data includes Social Security numbers, addresses, and phone numbers. As it always happens in such cases, the data was not in anyway encrypted or protected.

The University later released the following statement:

Read more

Senior execs love undermining security

June 18th, 2010 by Agent Smith (0) Data Theft & Loss,Identity Theft,In The Spotlight,security breach

When it comes to high-level executives, the rules of the game often change. They are used to ask for exceptions to be made for them, backdoors to be opened and a whole different set of rules to be applied. This is what turns them in one of the biggest threats to corporate security.

According to Jayson Street, CIO and managing partner of Stratagem 1 Solutions, senior executives often circumvent security rules and policies to suit their needs and whims at the expense of security. The negative effect is that the special treatment leads to enabling cybercriminals to easily gain access to corporate networks by impersonating as management personnel. That is why, because of their systems privilege and access rights, they become ideal targets for all those wanting to hack into corporate networks. Read more

Private data of 208,000 at risk after laptop theft

February 11th, 2010 by Agent Smith (2) DLP,Data Theft & Loss,Identity Theft,In the News

AvMed Health Plans is currently dealing with a prominent data breach after having two company laptops stolen from their corporate offices in Gainesville in early December. The theft could compromise personal information of over 200,000 current and former subscribers, as well as their dependents, said a company announcement quoted by Gainesville.com.

The two laptops contained details such as names, addresses, phone numbers, Social Security numbers and protected health information. Yet the company states that the risk of identity theft is very low, as data was listed in a random way, regardless of the fact that, 12 days after the incident, AvMed discovered the data on one of the two laptops was not properly encrypted.

AvMed states there were no reports of identity theft up to now, but they will only have a clearer view on the situation after their members start registering for identity protection, service provided by the company for free for the next 24 months.

« Previous Entries
© Endpoint Security Info 2010. Wordpress Theme by Arcsin

blogarama - the blog directory Technology Blogs - BlogCatalog Blog Directory Blog Directory Find Blogs in the Blog Directory
valid CSS valid XHTML