Log in

Archive for the ‘Data Protection’ category

Large scale computer thefts at Pendle schools

September 6th, 2010

£60,000 worth of computers have been stolen from Pendle schools over the summer holidays. The thieves have struck at Fisher-More Catholic Humanities College, Primet High School and Park High School over the course of six-weeks.

Fisher-More was struck four times by thieves over the course of holidays. The first two thefts occurred at the end of July when computer equipment valued at almost £8,500 was taken. Then again, the thieves returned on August 25th and 26th, this time taking two computers and a compact computer monitor, together valued at nearly £2,000.

Laptops valued at £2,500 were stolen from Park High School in the early hours of August 26th. The worst affected is Primet High School where £40,000 worth of equipment have been stolen. Thieves raided the school’s IT suite at the weekend, taking computers, two-way radios and other resources.

Initial investigation form the police suggests that the thieves broke into Fisher-More and Park through the windows but entered Primet through the roof. PC Mark Blackey, of Colne Police, said: “We cannot say for certain, but we think it is the same thieves going around high schools in the area. In view of this, we are asking schools to be particularly vigilant.”

Fisher-More headteacher Mr Chris Bohills said: “Governors and staff were very disappointed after the summer break to find vandals had thrown stones through six large windows and thieves had also broken into school, stealing 12 computers which also created a great deal of mess. This had to be attended to as a matter of urgency for the students’ return and has cost the school considerably, a cost which would have been better used for the academic interests of our pupils. However this will not dampen our spirits after the best ever GCSE results at the school this summer and staff and students are looking forward to working in the new classrooms and administration block at the front of the building.”

Headteacher of Primet High School Janet Walsh said: “This is a particularly cruel crime targeting children and their learning opportunities. Education is already poorly funded, so to take such treasured equipment is appalling. Luckily we can still teach without the equipment, but teachers will need to re-plan their lessons and we will have to resort to old methods of teaching for a while.”

Dr Paul Parkin, headteacher at Park High School, said: “During the summer holidays the school has spent a considerable amount of money updating and extending facilities for pupils. It is disappointing that theft and vandalism of this nature has happened. The costs of replacing damaged or stolen items and increased levels of security limit the funding available for our pupils. However we will not let this affect the start to the new academic year. We remain committed to improving the quality of facilities in school.”

PC Blackey said: “We are appealing to any local residents who saw anyone in the area of the schools acting suspiciously at these times to contact us anonymously on 472441 or Crimestoppers on 0800 555111.”

Secure your organization with Alertsec

Alertsec Xpress is used in all organisations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to large multinational companies with offices around the globe. By using industry leading Check Point Full Disk Encryption (former Pointsec) software, Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption

For security and technology observations, consider following us on Twitter.

Oblivion Walkthrough – Joining the Thieves Guild (brighthub.com)
Denver Thieves Steal $1,200 Worth Of Video Games [Crime] (kotaku.com)
Cleared bully-row head back at school (menmedia.co.uk)

No comments »

Posted in Alertsec Express, Computer security, Data Protection

Tags: Crime Education General Certificate of Secondary Education High school Park High School Personal computer Theft Twitter

Aon Consulting reveals personal information of Delaware retirees, later notifies the affected

September 3rd, 2010

Aon Consulting Data Breach

In a major goof-up, Aon Consulting Inc. inadvertently revealed the Social Security numbers, dates of birth and genders of around 22,000 retirees from the state of Delaware, spokesman for the company said.

The data appeared on the consultant’s website between Aug 16 and Aug 20 in a vision benefits request for proposals that Aon had prepared for the state. The data did not contain any names and was removed as soon as it was discovered, according to the consultant’s Chicago-based parent, Aon Corp.

“The company is investigating the breach, but there have been no reports of any fraudulent activity,” an Aon spokesman said. He also added that potentially affected retirees were being notified of the breach and would receive free credit monitoring services for a year and access to a toll-free customer care center for additional assistance.

Delaware’s Office of Management & Budget and Delaware Department of Technology & Information, the Office of the Attorney General & the State Pension Office said in a combined statement that “we are overseeing the steps Aon is taking to support persons affected by this incident and prevent future incidents of this nature.”

Secure your organization with Alertsec

Alertsec Xpress is used in all organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to large multinational companies with offices around the globe. By using industry leading Check Point Full Disk Encryption (former Pointsec) software, Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption

For security and technology observations, consider following us on Twitter.

Hewitt Associates Completes Acquisition of Leading U.S. Investment Advisory Firm, EnnisKnupp (eon.businesswire.com)
Security Briefing: August 31st (liquidmatrix.org)

No comments »

Posted in Data Protection, data breach

Tags: Aon Consulting Aon Corporation Chicago Corporation Delaware Hewitt Associates security United States

Department Of Veteran Affairs begins posting Data Breach report online

August 16th, 2010

: Image via Wikipedia

The Department of Veterans Affairs (VA) has begun posting reports about data breaches on its website, once again showcasing its transparent policies.

Since VA is the largest healthcare organization on the planet and has thousands of contractors, it experiences a variety of data breach incidents each month. It must notify Congress monthly about both routine and major data breaches, a requirement imposed in the aftermath of several security break-downs during the past year.

For example, a report (PDF) from July 5 to August 1 shows the agency lost two PCs, 13 BlackBerry devices and six laptops. It also reported 103 of so-called “mis-mailed” incidents, and 90 “mis-handling” incidents. The report said, all of the lost laptops were encrypted. Now, the public can see those reports for themselves, as VA has begun to post them online since August 11.

“We gain a lot with transparency,” VA chief information Roger Baker said about making the report public. “When you see what normally happens and how they are handled, it lends a bit of confidence what we’re going to do when more serious ones occur,” he added.

“For example, losing smart phones is a common security problem at VA, as it is elsewhere. However, it’s difficult to impose consequences for the losses. There isn’t a cost benefit to denying the issuance of another smart phone to physicians and other professionals who lose them because the devices are inexpensive relative to the productivity gains they provide,” Baker said.

“I don’t take losing a couple of hundred dollars of taxpayer money lightly,” he said. “But compared with a doctor that we may be paying $300,000 a year, I don’t want them spending time trying to figure how to get a new Blackberry. I want them to have a new Blackberry in their hands so they can be certain of providing patient services.”

VA also has a policy of encrypting mobile devices in order to reduce the potential for the misuse of personal or confidential information by making the device unusable when it it lost or stolen.

Since taking his position, Baker has made a conscious effort to streamline the IT operations at the VA, with data security being a priority. The posting of the reports also shows how far the agency has come in terms of transparency and accountability for its IT operations, which has been criticized for serious in-efficiency in the past.

Also, Baker has put into place an accountability program that flags IT projects behind schedule or over budget. This program saved the agency $54 million in its fiscal-year 2010 budget.

Want to prevent breach?

Have you been affected by data breach? Do you think that your organization is susceptible to a potential security breach? For further information visit our website where you will learn about our encryption software and other security protection methods.

A trusted way to protect information stored on a PC or laptop is by using encryption. Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users. To find out more, see Tech Specs.

No comments »

Posted in AlertSec Xpress, Data Protection, data breach

Tags: data breach data security Encryption Personal computer Roger Baker security United States Department of Veterans Affairs Veterans Affairs Department

Leakage of personal information leaves students & employees of six Florida universities exposed

August 13th, 2010

Six colleges in Florida had their students and employees’ personal data exposed due to a state library service center software glitch. The information was publically available on the Internet for 5 days.

Students, faculty, and employees at Broward College, Florida State College at Jacksonville, Northwest Florida State College, Pensacola State College, South Florida Community College, and Tallahassee Community College, all are at risk of exposed personal data, according to The College Center for Library Automation (CCLA), which provides automated library services and electronic resources to Florida public colleges.

Private information such as Social Security Numbers, names, driver’s license and card numbers of an estimated 126,000 students and employees was available on the internet after a library services firm serving the colleges inadvertently left the information in its database exposed for five days. The personal information in CCLA’s database did not include financial data or library usage records, and it was exposed between May 29 and June 2.

Six state community college colleges were affected because their borrower records were contained in temporary work files that were being processed at the time the breach occurred. The library agency learned of the incident on June 23, after a student reported finding his Social Security Number on the internet through a Google search.

The CCLA did not provide details of what the software upgrade entailed or why the upgrade left the database exposed, except that the compromised records had been stored in temporary work files that were being processed when the breach occurred.

“We pride ourselves on protecting private information and deeply regret this inadvertent exposure,” said Richard Madaus, CEO of CCLA. “I apologize to those involved for any worry or inconvenience this may cause them. We will continue to enhance our technology to safeguard all of the information entrusted to us.”

He also added “We’ve had some new grad hires who said when they took tests in college, they had to write their SSN on top of the test” to identify themselves, he says. “I think that’s changing, but there still are some old systems out there that need to be updated.”

The affected individuals are being notified by snail mail. Moreover, the agency has started with the investigation after discovering the breach, and the case has also been turned over to the county sheriff’s office. Also, the CCLA has set up a webpage about the breach and recommends that people affected by the breach place free fraud alerts on their credit files and check their credit reports for suspicious activity.

Want to prevent breach?

Have you been affected by data breach? Do you think that your organization is susceptible to a potential security breach? For further information visit our website where you will learn about our encryption software and other security protection methods.

A trusted way to protect information stored on a PC or laptop is by using encryption. Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users. To find out more, see Tech Specs.

No comments »

Posted in Data Protection, data breach

Tags: Colleges and Universities Education Florida Google Personal computer security Social Security number United States

Key findings from the Computer Theft survey

August 6th, 2010

: Image via Wikipedia

The main concern while running a business is keeping your computing devices like desktops, laptops etc. and their data secure. The portability offered by laptops, increases their chance of being stolen as people are constantly leaving them unattended at public places. Many a times these devices are left behind at restaurants, subways, coffee shops, airports etc. Although the insurance company may cover the hardware, the files and data on the machine may eventually be untraceable and forever lost.

Recently BSI carried out their 8^th Annual Computer Theft Survey in the United States. Here are the key findings from that survey:

More than 5.5 Million computers were stolen in the United States in the last 3 years.
More than half (58.7%) of the respondents have been a victim of computer theft in the last year.
According to FBI, 97% of unprotected computers (i.e. computers that do not use any data encryption software or computer security software) are never recovered.
68% of the devices stolen were laptops, followed by desktops (10%) & others like PDA’s, iphone etc. (22%)
67% of computer theft occurred while respondent was mobile (moving about),
91% of respondents did not use data encryption software to encrypt the proprietary data on their stolen device.
Average total replacement cost of each stolen computing device was $43,264.66.
71% of respondents reported downtime due to computer theft ranging from several days to more than a month.
Only 21% of those surveyed used extensive data protection like dedicated data encryption software, but about 70% did not use any safeguard or security protection at all.

These numbers are very similar to the numbers in the surveys done earlier on this issue, clearly indicating that people are not doing anything more to protect their data than they were doing earlier.

If you carefully analyze the survey data, you will notice that only 3% of stolen computing devices are recovered; even then only 9% people are using data encryption software to protect their data.

Encrypt your Data for peace of mind!

We spend huge sums to protect our internal networks, but forget that there are people carrying laptops that are connected to these internal networks. These laptops are equally vulnerable to theft & hacking. This fact has been highlighted in the survey, according to which 67% of computer thefts occurred when the respondent was outdoors.

By using laptop encryption software, we could have greatly enhanced the laptop security as there is no way that the information is compromised if the laptop is lost or stolen. A theft would simply be reduced to an insurance matter and cost of the hardware plus time to rebuild the laptop.

Secure your data using Alertsec

Alertsec Xpress offers computer security software from Check Point as a fully customizable and pre-packaged data encryption software solution. The AES encryption algorithm and extensive 3rd party certifications offer you security that is used by millions. Try it for free today.