| 3.19.2008 |
Seattle Post-Intelligencer |
Big firms lose sight of tech equipment
 If millions of Americans have trouble keeping track of the technology equipment they have accumulated throughout the years, large and small companies find the task so daunting that many do not even try, security experts say. Sloppy inventory control, however, can cause major headaches for companies, experts add.
|
 |
| 3.17.2008 |
Rocky Mountain News |
Holes grow in net safety
 Breaches of personal data are a growing problem nationwide, as society handles more information electronically, and it becomes more common to transport that information on laptops and other mobile devices, according to security experts. Experts generally agree that large companies are doing a better job of reporting incidents, in part because they realize the lack of disclosure can come back to haunt them in terms of business costs, customer losses and lawsuits.
|
 |
| 3.17.2008 |
InfoWorld |
Data thieves steal credit card data from supermarket chain
 Data thieves broke into a computer network at supermarket chains Hannaford Brothers and Sweetbay and stole as many as 4.2 million credit and debit card numbers, Hannaford said, marking one of the largest reported data thefts from a retailer in U.S. history. The Associated Press reported that more than 1,800 cases of fraud had been linked to the theft.
|
 |
| 3.12.2008 |
Security Park |
IT departments worry about threat of data leaks from more open networks
 IT departments are under pressure to make corporate networks more accessible to remote workers and external users despite fears about data leaks, malicious content and hacking, according to a new survey by AEP Networks. With many different types of users remotely accessing networks, IT departments hope to reduce security risks by investing in new technology.
|
 |
| 3.11.2008 |
InternetNews |
Enterprises face data growth explosion
 A new study from research firm IDC and storage vendor EMC found that data requirements are growing at an annual rate of 60%, indicating that the IT impact will be extensive, ranging from the need to boost information governance to improving data security. Companies are responsible for the security, privacy, reliability and compliance of 85% of data in the digital universe, the study said.
|
 |
| 3.7.2008 |
PC World |
Protecting the mobile workforce
 While the productivity benefits of mobile devices are significant as enterprises continue to roll them out to the workforce, security experts say CIOs and other senior IT personnel must implement comprehensive mobile security policies to defend against internal and external security threats.
|
 |
| 3.5.2008 |
SearchSecurity.com |
NAC, disk encryption gaining attention, survey shows
 A new Forrester Research survey found that network access control (NAC), disk encryption and application security technologies and services topped the list of interests of IT professionals. The survey revealed that many companies are interested in new technologies to automate security, focus on threats at the end point and address internal threats.
|
 |
| 3.4.2008 |
InfoWorld |
U.S. FTC settles breach complaint with student lender
 The U.S. Federal Trade Commission said it settled a complaint against student lender Goal Financial for allowing an employee to sell a hard drive containing unencrypted personal information of 34,000 customers. Additional allegations claimed Goal Financial permitted two employees to access personal information of 7,000 customers and take the data to a competing firm, the FTC said.
|
 |
| 3.3.2008 |
Quad City Times |
Missing laptop, data could affect 20,000 Kraft Foods employees
 About 20,000 Kraft Foods employees were recently notified that a company-owned laptop computer with their personal information was stolen from an employee, noting that they could be vulnerable to identity theft.
|
 |
| 2.26.2008 |
Washington Post |
U.S. GAO finds data protection lagging
 Many major U.S. government agencies are doing too little to safeguard sensitive personal information, according to congressional investigators. Only two of 24 agencies studied by the U.S. Government Accountability Office have implemented all five security measures recommended by the U.S. Office of Management and Budget to protect personal information.
|
 |
| 2.25.2008 |
Federal Computer Week |
U.S. lawmakers ask agencies for data security update
 U.S. Senators Susan Collins, ranking member of the Homeland Security and Governmental Affairs Committee, and Norm Coleman, ranking member of the committee’s Permanent Subcommittee on Investigations, are demanding that 24 U.S. government agencies submit a timeline for when they will meet all requirements of the Bush administration’s plan to protect personally identifiable data.
|
 |
| 2.25.2008 |
Washington Technology |
New funding to protect cyber-assets catches industry attention
 A dramatic rise in attention and U.S. government funding for cybersecurity and infrastructure protection is expected in fiscal 2009, causing business contractors to seek fresh opportunities, industry observers say. Proposed spending on information technology security in fiscal 2009 is $7.3 billion, 10% higher than in 2008.
|
 |
| 2.19.2008 |
NewsFactor Business Report |
Data breaches: A global dilemma
 Data breaches occur regularly around the world, security experts say, many involving lost laptops and other off-network security devices. Many breaches receive little attention, however, experts note.
|
 |
| 2.19.2008 |
WREG |
Lifeblood lawsuit could cost billions
 A $192 billion class action lawsuit has been filed against regional blood donor Lifeblood in response to the loss of two laptop computers stolen from inside a Lifeblood storage facility in Memphis, Tenn. that contained information on more than 320,000 blood donors.
|
 |
| 2.15.2008 |
Los Angeles Daily News |
Employee data theft jolts Los Angeles Department of Water and Power
 A computer containing personal information on more than 8,300 Los Angeles Department of Water and Power employees reportedly was stolen from a vendor, utility officials have confirmed. The data included names, Social Security numbers, birth dates, employee identification numbers, salaries and healthcare benefits details.
|
 |
| 2.12.2008 |
SC Magazine |
ID theft instances down, cost per incident up: Javelin
 Identity theft remains a major concern of U.S. consumers because criminals have become more creative in how they steal personal information, according to a new Javelin Strategy and Research report. ID theft accounted for a loss of $45 billion during 2007 and the cost of individual ID theft cases rose by 25% to $691 per incident, Javelin reported.
|
 |
| 2.12.2008 |
Media Daily News |
U.S. FTC: Data security is top concern
 Eileen Harrington, deputy director of the U.S. Federal Trade Commission's Bureau of Consumer Protection, said consumer data security is the greatest concern of the agency’s enforcement work. Harrington noted that the FTC has already punished big-name companies for data security breaches.
|
 |
| 2.8.2008 |
InfoWorld |
Customers mismanaging access
 Many companies still fail to sufficiently address access controls for protecting information and IT systems, despite investments in security technologies aimed at thwarting data leakage and compliance violations, according to a new report from the Ponemon Institute. Most IT workers readily admit that their companies are doing a substandard job of keeping tabs on the level of access available to employees, temporary workers and independent contractors, the 2008 National Survey on Access Governance states.
|
 |
| 1.30.2008 |
Computing |
Data loss is inevitable, say most businesses
 A new risk management report has found that 59% of businesses anticipate a major loss of information to occur once every five years while data security concerns associated with mobile and portable devices continue to increase. Nearly half of respondents ranked mobile devices as a serious risk, but only one third said they had the ability to manage those risks, according to the Symantec report.
|
 |
| 1.30.2008 |
TechNewsWorld |
The biggest security threat for 2008 and beyond: End users
 Study after study continues to reveal a fundamental truth about the shifting landscape of IT security: the biggest threat to proprietary systems and information are trusted employees. When it comes to handling corporate data, non-malicious employees often accidentally make improper data security choices, experts say.
|
 |
| 1.29.2008 |
Newark Star-Ledger |
Health insurer says stolen laptop had customers' data
 Unencrypted personal information, including Social Security numbers, on more than 300,000 Horizon Blue Cross Blue Shield of New Jersey members reportedly was contained on a laptop computer stolen in Newark, N.J., recently.
|
 |
| 1.24.2008 |
What PC |
Why personal data loss must not be tolerated
 Many companies and government agencies establish good data security policies, encourage members to sign off on those policies, and then ignore the rules when handling confidential data, security experts say.
|
 |
| 1.21.2008 |
Security Park |
UK Ministry of Defence laptop stolen with personal details of 600,000 applicants
 A laptop computer containing the unencrypted personal details of 600,000 armed forces applicants was stolen from a Royal Navy officer, the UK Ministry of Defence has confirmed. Information on the laptop reportedly included National Insurance numbers, financial data and passport information.
|
 |
| 1.18.2008 |
Columbus Dispatch |
Lost tape contained data of 650,000 J.C. Penney customers
 Personal information on about 650,000 customers of J.C. Penney and as many as 100 other retailers could be compromised after a computer backup tape went missing from a storage warehouse. GE Money, which handles credit-card operations for retailers, said the missing information includes Social Security numbers for about 150,000 people.
|
 |
| 1.17.2008 |
Network World |
Cyber espionage seen as growing threat to business, government
 The SANS Institute has ranked cyber-espionage high on a list of 2008 data security menaces, saying theft of data will become more common as corporations and government agencies seek to gain economic advantage in multinational deals.
|
 |
| 1.14.2008 |
InfoWorld |
Nashville laptop theft may cost $1 million
 The theft of a laptop computer containing the names and Social Security numbers of 337,000 Tennessee voters could cost local officials about $1 million as they roll out identity-theft protection to potential victims.
|
 |
| 1.14.2008 |
SC Magazine |
Preventing security breaches from inside your private network
 Network security experts say the network perimeter is vanishing due to changes involving users, devices and authorizations. Going forward, a new model for enterprise defense must be established, experts say.
|
 |
| 1.9.2008 |
Computing |
Enterprises ignoring data security and privacy
 Technology, media and telecommunications (TMT) firms must increase their data security efforts and investments to keep up with the latest threats, according to a new Deloitte global survey that found only 53% of TMT companies report losses of customer data.
|
 |
| 1.8.2008 |
New Orleans Times-Picayune |
Audit of colleges says $1.6 million in items missing
 After $987,000 in computer equipment was reported missing in a recent audit of two Louisiana state colleges, a legislative auditor said audits commonly reveal such major losses from colleges and hospitals. The audit at the University of New Orleans and Southeastern Louisiana University reported a loss of 156 laptop and 130 desktop computers.
|
 |
| 1.5.2008 |
Johnstown Tribune-Democrat |
Pennsylvania seniors’ personal info stolen
 A computer stolen in a recent burglary contained personal information about 20,632 senior citizens in four Pennsylvania counties, according to the state’s Department of Aging. The information in the database reportedly included client Social Security numbers and other personal data.
|
 |
| 1.3.2008 |
SearchSecurity.com |
Hardware-based encryption gains most innovation of '07
 In 2007, many businesses turned to new security technologies and products to reduce risk to data in transit, security experts say. The shifting focus on mobile endpoints was most pronounced in hardware-based encryption, experts note.
|
 |
| 1.2.2008 |
ChannelWeb |
Data loss prevention trends to watch in 2008
 Security experts say 2007 was marked by many high-profile data security breaches, but 2008 will see additional security incidents in the headlines primarily because more companies and organizations will be required to publicly disclose breaches when they occur.
|
 |
| 1.2.2008 |
Daily Tech |
Personal data theft reaches record high
 The Identity Theft Resource Center and Attrition.org reported that 2007 was a record-setting year for data breaches in the U.S., with ITRC noting 79 million compromised records reported since the start of 2007 through Dec. 18. Attrition.org estimated 162 million records were compromised through Dec. 21 in U.S. and global markets.
|
 |
| 12.18.2007 |
Earthtimes |
World of identity theft continues to evolve
 The Identity Theft Resource Center predicts an increase in the number of data breaches in 2008 due to poor information handling policies and practices. The group also forecasts a higher recognition of identity theft as a crime by law enforcement and more legislative action on identity theft issues.
|
 |
| 12.18.2007 |
PC World Canada |
Dumpster-diving for e-data
 Every user who loses or disposes of a keychain-size flash drive could be unintentionally leaking critical information to a competitor, security experts say, adding that desktop and notebook computers disposed in landfills or even yard sales could represent a rich trove of corporate data left on a hard drive.
|
 |
| 12.13.2007 |
eWeek |
Office workers confess how they let security slide
 Research conducted by RSA in November found that 68% of respondents who work for the private sector admitted to taking away from work mobile devices, such as laptops, smart phones or USB flash drives that hold sensitive job-related information, customer data, Social Security numbers and company financials.
|
 |
| 12.12.2007 |
Baltimore Business Journal |
Personal information being exposed 'frequently and repeatedly,' study finds
 A new survey conducted by Deloitte & Touche and the Ponemon Institute found that 85% of North American security professionals reported at least one data breach within their organizations during the past year. The survey claims personally identifiable information of customers and employees is being exposed by businesses "frequently and repeatedly.”
|
 |
| 12.11.2007 |
Dark Reading |
Small businesses feel security's burn
 A new eMedia study found that 32% of small and medium-sized businesses have experienced a security breach during the past year, and these breaches are changing the sector's viewpoint on security tools and products.
|
 |
| 12.9.2007 |
USA Today |
Theft of personal data more than triples this year
 Thieves systematically pilfering sensitive personal data from companies, government agencies, colleges and hospitals contributed to more than 162 million records reported lost or stolen in 2007, triple the 49.7 million that went missing in 2006, according to a USA Today analysis of data losses.
|
 |
| 12.4.2007 |
Earthtimes |
Survey finds employees put corporate data and security at risk
 Most members of Network World's Technology Opinion Panel admitted in a survey to being unprepared to prevent data breaches and computer theft. A total of 42% said their corporation does not have data security policies in place for the use of mobile computing devices.
|
 |
| 12.4.2007 |
InfoWorld |
Companies still failing to enforce security rules
 Company security policies are useless without enforcement, according to new research released by the Ponemon Institute. Companies do not follow basic data security procedures in several high-risk scenarios, including off-network security, the survey found.
|
 |
| 12.3.2007 |
Dark Reading |
Study reveals overlooked sources of leaks
 A new Information Security Forum study found that lost laptops, sensitive documents left on photocopiers and employees taking home confidential storage media remain the most common sources of data security leaks.
|
 |
| 11.28.2007 |
InternetNews |
Report details real costs of security breaches
 A new Ponemon Institute study has found that data breach incidents cost companies $197 per compromised customer record in 2007, compared to $182 in 2006. Most of the cost, $128 out of the $197, is from lost business and having to acquire new customers. For financial services firms, the cost was $239 per lost record.
|
 |
| 11.27.2007 |
Security Park |
Businesses are ill-prepared for the security risk introduced by temporary workers
 Business enterprises may unnecessarily put corporate data at risk by granting temporary staff access to confidential information at the same levels as permanent employees, according to new research from Websense.
|
 |
| 11.26.2007 |
Tech Republic |
Ten ways to reduce insider security risks
 Enforcing IT security policies and increasing security awareness are among the ways business enterprises can combat insider corporate security threats, industry observers say. Recent reports indicate that employees who are authorized to access company systems are most likely to be linked to a security breach.
|
 |
| 11.21.2007 |
Washington Post |
UK government apologizes about huge data loss
 UK Prime Minister Gordon Brown tried to reassure Britons that their personal data is safe after one of the biggest security breaches in the country's history left millions of people exposed to identity theft and bank fraud. Two computer disks lost in transit from one government department to another contained names, addresses, birth dates, national insurance numbers and banking details for 25 million people.
|
 |
| 11.15.2007 |
Indianapolis Star |
Veterans Administration laptops, patient information stolen
 Three computers containing information on 12,000 patients were reported stolen from the U.S. Veterans Administration (VA) hospital in Indianapolis in early November. The VA says the computers were stolen from locked offices at the Roudebush VA Medical Center.
|
 |
| 11.15.2007 |
Computerworld |
Montana State University reports three data breaches in single day
 The State University of Montana recently discovered three separate security breach incidents involving the potential compromise of personal data on the same day. One of the breaches involved a removable storage device containing personal student data that was reported stolen.
|
 |
| 11.14.2007 |
ENN |
Used hard drives are ID theft paradise
 A new study conducted by Irish security firm Rits Information Security reported that personal information, including customer data, client files and credit card numbers, were found on hard drives sold into the second-hand computer market. Even when attempts were made to erase the drives, they had not been securely sanitized, allowing Rits to recover data.
|
 |
| 11.11.2007 |
Fredericksburg Free Lance-Star |
ID theft can be a dead issue
 Only 6% of companies can say for certain that they have not lost important personal information during the past two years, according to identity theft expert James McCartney. Identity theft now produces more revenue than drug trafficking in the U.S. and identity thieves opened 400,000 bank accounts last year using the names of dead people, McCartney said.
|