Category Archives: Data Security

Former TSA analyst charged with computer tampering

Posted by on March 13, 2010 No comments

A U.S. Transport Security Administration analyst has been indicted with tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the U.S.

Douglas James Duchak, 46, was indicted by a grand jury Wednesday with two counts of damaging protected computers. According to a federal indictment, Duchak tried to compromise computers at the TSA's Colorado Springs Operations Center (CSOC) on Oct. 22, 2009, seven days after he'd being given two weeks notice that he was being dismissed. He was also charged with tampering with a TSA server that contained data from the U.S. Marshal's Service Warrant Information Network.

via Former TSA analyst charged with computer tampering.

Online banking fraud losses rise to nearly £60 million

Posted by on March 13, 2010 No comments

Online banking fraud losses increased by 14 percent to £59.7 million last year, according to the latest figures from The UK Cards Association.

This represents an increase of £7.2 million in online banking fraud losses compared with 2008 (£52.5 million).

via Online banking fraud losses rise to nearly £60 million.

HSBC Private Bank: Data of 15,000 clients stolen

Posted by on March 13, 2010 No comments

The data theft, said HSBC, was done by a former IT employee about three years ago, involves existing clients who had accounts with the bank in Switzerland before October 2006.

The stolen client information is limited to accounts in Switzerland, excluding ex-HSBC Guyerzeller accounts, the bank added. There is no data compromised for any branches of the bank outside Switzerland, which operate on separate systems and security, or other entities within the HSBC Group, the bank noted.

via HSBC Private Bank: Data of 15,000 clients stolen.

Wyndham hotels hacked again

Posted by on February 27, 2010 No comments

Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data.

The break-in occurred between late October 2009 and January 2010, when it was finally discovered. It affected an undisclosed number of company franchisees and hotel properties that Wyndham manages. Wyndham has acknowledged the incident in a note posted to its Web site.

via Wyndham hotels hacked again.

Breaches Affecting 500 or More Individuals

Posted by on February 25, 2010 No comments

Breaches Affecting 500 or More Individuals

As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The following breaches have been reported to the Secretary.

The Methodist Hospital

State: Texas

Approx. # of Individuals Affected: 689

Date of Breach: 1/18/10

Type of Breach: Theft

Location of Breached Information: Computer

via Breaches Affecting 500 or More Individuals.

Two Data Security Breaches Give State Attorneys General a Chance to Exercise Their New HIPAA Powers

Posted by on December 8, 2009 No comments

Connecticut Attorney General Richard Blumenthal (D) has emerged as possibly the first AG to take on a HIPAA investigation, and Arizona’s AG may also be pursuing a similar course. The larger of the two breaches that have come to the AGs’ attention was experienced by Health Net, Inc., which lost a portable external hard drive containing seven years of data for 446,000 Connecticut residents. The lost data came from 1.5 million individuals in total, who also hailed from New Jersey and New York.

via Two Data Security Breaches Give State Attorneys General a Chance to Exercise Their New HIPAA Powers.

New Report Helps Enterprises Choose Their Own DAM Products – database security/Security – DarkReading

Posted by on December 2, 2009 No comments

Some DAM products provide features for privileged-user monitoring and basic database auditing, two areas that have historically been underserved. Need more? The use of DAM technology is starting to be considered an essential control when demonstrating compliance with industry regulations and standards that require regular review of logs — a category that includes PCI DSS, HIPAA, the Gramm-Leach-Bliley Act, FISMA, and Sarbanes-Oxley.

via New Report Helps Enterprises Choose Their Own DAM Products – database security/Security – DarkReading.

Largest bank-card security breach in Czech history – Banks block thousands of cards

Posted by on November 27, 2009 No comments

Clients of four major Czech banks could find their accounts blocked at their next visit to the ATM as a result of the largest bank-card security breach in Czech history.

via The Prague Post – Business – Banks block thousands of cards.

UMC has patient privacy leak – has been selling patient data

Posted by on November 20, 2009 No comments

Private information about accident victims treated at University Medical Center has apparently been leaking for months, the Sun has learned, allegedly so ambulance-chasing attorneys could mine for clients.

Sources say someone at UMC is selling a compilation of the hospital’s daily registration forms for accident patients. This is confidential information — including names, birth dates, Social Security numbers and injuries — that could also be used for identity theft.

via UMC has patient privacy leak – Friday, Nov. 20, 2009 | 2 a.m. – Las Vegas Sun.

Health Insurer Loses 1.5 Million Patient Records | Threat Level | Wired.com

Posted by on November 20, 2009 No comments

A health insurer lost 1.5 million patient records last May but waited six months to disclose the incident.

The data, which was stored on a portable disk drive that disappeared from the insurer’s office, was unencrypted and included patient Social Security numbers, bank account numbers and health data, according to the Hartford Courant. The disk also contained personal information on at least 5,000 physicians.

via Health Insurer Loses 1.5 Million Patient Records | Threat Level | Wired.com.