The New Jersey legislature, for instance, this week passed a bill (A-1238) that says copy machines and scanners should have their hard drives erased or otherwise modified to make sure records stored digitally on them are no longer viewable after the owner gets rid of the machines.
As a result of the state’s review of the file loss, the hospital is forced to pay a $750,000 settlement. However, the true total is $475,000, which is the balance due based on the hospital’s pre-existing investment of $275,000 in technology, particularly data-handling upgrades. The remaining balance will go to enforcement payments ($250,000) and a data-security education fund ($225,000).
It maintains information about people who share the same phone number or address, “non-obvious” relationships between individuals, loans for dental work, magazine subscriptions, rental history, real estate assets, investment wealth, retail purchasing, the type of federal tax return someone files, marital status, employment, utility payments, cable TV accounts, criminal records, debt-to-income ratios, changes of address, motor vehicle files, post office boxes, inferences about someone’s capacity to pay bills, predictions about someone’s propensity to pay, links to past and potential fraud crimes, and more.
In retaliation against Internet Service Providers (ISPs) blocking some video-sharing and torrent websites like The Pirate Bay under Indian court orders, Anonymous, the “hacktivist” organization, today took down the websites of the ruling Congress Party and the Supreme Court of India.
Channel partners honing their compliance skills will soon be able to add one more to their portfolio with the launch of a new Payment Card Industry Security Standards Council certification program specifically targeting integrators and resellers.
Several healthcare associations are questioning another provision that would require hospitals and physician groups to conduct a security risk analysis that includes “addressing the encryption/security of data at rest.”
The latest PCI compliance stats—out this week—show trivial changes from the prior report, with Level 2 and Level 3 retailers slightly increasing compliance. Level 2 went from 91 percent at the end of December 2011 to 92 percent as of March 31, 2012, and Level 3 also increased by 1 percent, from 58 percent to 59 percent. The largest chains, the Level 1s (processing more than 6 million Visa transactions annually), stayed exactly the same, at 98 percent.
There is now an ongoing and massive cyberattack targeting the American gas-pipeline industry, aimed at giving the attacker a way to gather sensitive information by compromising business systems and possibly even subverting industrial control systems.
The hacker who stole Facebook’s source code has gone public with a deeper explanation of how he penetrated the world’s most popular social network.
Microsoft has detected a new piece of malware targeting Apple OS X computers that exploits a vulnerability in the Office productivity suite patched nearly three years ago.