Data on 3.3 million borrowers was stolen from a nonprofit company that helps with student loan financing.
The theft occurred on March 20 or 21 from the headquarters of Educational Credit Management Corp. (ECMC), which services loans when student borrowers enter bankruptcy. The data was contained on portable media, said the organization, which is a dedicated guaranty agency for Virginia, Oregon and Connecticut.
via Company says 3.3 million student loan records stolen.
“My office is investigating allegations that a radiologist formerly affiliated with Griffin Hospital improperly accessed the medical information of almost 1,000 of the hospital’s patients,” Blumenthal said in a prepared statement.
via Blumenthal Investigating Griffin Hospital Information Breach | Connecticut Watchdog.
Hacker Albert Gonzalez is sentenced to 20 years in prison for his role in hacking TJX, Barnes & Noble, OfficeMax and other retailers. He faces the possibility of more time behind bars when he is sentenced for his role in hacking a slew of other companies, including Heartland Payment Systems.
via Gonzalez Gets 20 Years in Hacker Case – Security from eWeek.
The five new listings are:
* Montefiore Medical Center, New York, 625 affected individuals, theft of a laptop;
* Private Practice, San Antonio, 21,000 affected individuals, theft of a portable device;
* Thrivent Financial for Lutherans, Wisconsin, 9,500 affected individuals, theft of a laptop;
* Wyoming Department of Health, 9,023 affected individuals, unauthorized access of a network server; and
* Aspen Dental Care P.C., Colorado, 2,500 affected individuals, theft of an undisclosed nature.
via HHS Adds to List of Data Breaches.
“In my view, the implementation of FISMA has been like getting on a treadmill as a means to go to a destination,” Gilligan said in prepared testimony. “A treadmill is great if all you want is exercise, but it is not the way to reach a destination,” he added.
via FISMA blasted at House hearing – FierceGovernmentIT.
Often, merchants prepare a thoughtful risk assessment and then file it away (a.k.a., “shelfware”) until their QSA returns the next year, at which time it gets dusted off, reviewed and, hopefully, updated. If that describes your situation, you could be missing a golden opportunity to reduce your PCI scope, lower your risk and cut your cost of PCI compliance.
via StorefrontBacktalk » Blog Archive » Squeezing More Value From Your PCI Assessment.
Hackers have stolen the login credentials for more than 8,300 customers of a small New York bank after breaching its security and accessing a server that hosted its online banking system.
via Hackers pluck 8,300 customer logins from bank server • The Register.
Three men accused of being involved in an audacious attack on US ATM machines in 2008 have been arrested by the feared Russian Security Service (FSB) in an event that is being interpreted as marking a sea change in Russian policy towards cybercrime.
via Russia arrests WorldPay hackers after FBI plea.
In the seven years that it has been the law of the land, FISMA, The Federal Information Security Management Act, has helped raise awareness of the need for information security on the federal government's networks, as well as on the networks supporting private industry.
But this latest version of the Office of Management and Budget's FISMA report to Congress pulls into focus the ways that the Obama Administration wants to change how the federal government complies with FISMA at a time when cyberthreats are escalating.
via Federal News Radio 1500 AM: OMB outlines shift on FISMA.
What follows are 10 commonsense steps you can take to prepare for a FISMA audit. While basic FISMA compliance won't always meet every government organization's security requirements–for example, you may be required to implement stricter data control requirements or a more involved change control process–you will have a sturdy base to build on.
via 10 Steps To Ace A FISMA Audit — FISMA — InformationWeek.