Log in

Archive for the ‘laptop encryption’ category

2011 a bad year for Medical data breaches – Millions of patient data compromised

December 21st, 2011

Beth Givens at Privacy Revolution session

PRC Director Beth Givens gives an insight into Medical data breaches

The San Diego-based Privacy Rights Clearinghouse has come up with a list of 2011’s six most significant data breaches.

An overview

2011 has been a bad year for Medical data breaches. According to the PRC there were a total of 535 breaches that involved 30.4 million sensitive records. When we talk about sensitive information we mean Social Security numbers, drivers license numbers, financial account information and medical data.

Top breaches

The worst hit was Health Net as nine of its data servers went missing from a Northern California data center in January. The servers had records of almost two million current and former policy holders.

Sutter Health experienced data breach when its company-issued computer was stolen from Sutter’s Medication Foundation offices. Health Data of more than 4 million patients was compromised.

Tricare Management Activity and Science Applications International Corporation – Backup tapes containing data ofto 4.9 million patients were stolen from an employee’s car.

What do regulators have to say?

Regulators feel industry and legislative mandates to protect sensitive information need a revamp. National data privacy laws are gaining importance on both the national and local levels. Regulators are looking at industries where personal information is of utmost importance. Institutes such as HIPAA in healthcare and the Gramm-Leach-Bliley Act (GLBA) in financial services. It is not only the lawmakers who are imposing mandates for data security. There are a few indutries like Payment Card Industry Data Security Standard (PCI DSS) that have come up with security regulations when it comes to storing credit card information.

The other important aspect eyed by IT professionals is cloud computing. A recent EMA survey shows that organisations that had adopted or planning to adopt cloud computing were making sure that the use of data security and privacy controls was an important aspect of Service Level Agreements (SLAs) with Cloud providers.

According to Paul Hogan, CEO of T3 “This recent legislation proposal shows the absolute crisis that the US and the world’s largest corporations and government are facing regarding data breaches and the subsequent leakage of extremely sensitive consumer and government information. Cyber attacks have been around for a long time, however due to their sensitive nature, large corporations have tried their best to keep them from being reported to the media, which would no longer be possible if this legislation passes which we believe is simply a matter of time.”

Here is Beth Givens, PRC director’s statement “This is a conservative number,” said Givens. “We generally learn about breaches that garner media attention. Unfortunately, many do not. And, because many states do not require companies to report data breaches to a central clearinghouse, data breaches occur that we never hear about. Our chronology is only a sampling.”

Hospitals can secure themselves with Alertsec

Organisations and hospitals, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Alertsec Xpress’s Check Point Full Disk Encryption is used by over 4 million users worldwide.

No comments »

Posted in Computer security, Data Protection, Identity and Information loss, Lawsuits and settlements, Security Flaw, computer security software, data breach, data encryption, identity theft, laptop encryption

Tags: AlertSec Xpress Check Point data breach Health Net January Northern California Payment Card Industry Data Security Standard Privacy Rights Clearinghouse San Diego Social Security number Sutter Health

Former Middletown School contractor accused of Laptop theft

December 5th, 2011

Not one or two but 400 laptops missing! A recent case of laptop theft saw 400 laptops being stolen from Middletown schools by a former contractor. A Butler County grand jury is currently reviewing the charges. If convicted, he faces 5 years prison time.

According to the Middletown police Larry A. Osborne Jr., 29,has been charged with third-degree felony theft on Nov. 9 in Middletown Municipal Court. He is accused of stealing computers since 2008. Osborne, a computer technician, was a former contractor of the Butler County Educational Service Center. The approximate value of the 400 laptops is $123,000. Osborne used to sell these computers on ebay. He sold around 350 computers to a man in PA who had no clue that these computers were stolen property. The PA man has not been charged. The machines were either used ones or non-working.

Former school contractor stole 400 laptops

The first theft was reported on Nov. 8 where eight Apple laptop computers were stolen from the district’s warehouse, 110 Baltimore St.

So far the department has recovered 46 of the 400 laptops. According to Lt. Scott Reeve. “The investigation is pretty much done. We’ve recovered all we’re going to recover,”. He further added that the thefts were discovered when the owner of 1 Stop Shipping Shop on Vail Avenue became suspicious about the no of computers Osborne was shipping. 18 laptops were recovered from 1 Stop Shipping Shop and 28 from Hallstead, PA. Lt. Reeve added “He wasn’t just taking them from one location,”. “He was taking them from multiple locations. I think that is part of the reason he got away with it for so long. He is an information technology guy and it’s not unusual to see him walking around with a computers in his hands, and they weren’t all being stolen from one location. He was spreading out the thefts at various schools throughout the district.”

Apparently Osborne was a full time IT worker with the district and lost his job a month ago when the theft came to light.

The modus operandi was that Osborne stole laptops that were left unattended while making service calls. Inspite of the fact that the district conducts general audits of its systems on an annual basis, the laptops were stole. The reason being Osborne was the employee in charge of this district.The district is revamping its security policy to make sure such thefts do not take place in the future.

Alertsec and data encryption go hand in hand

Information has become highly mobile. There are netbooks, laptops, iphones and blackberries. You leave any of these unattended and the next thing you know is that they are stolen!

To lose any of the above device means losing valuable information! Especially when this information includes not only your personal data but that of hundreds and thousands of people.

Encryption is the best security solution to data breaches and laptop thefts. Alertsec helps you keep your info secure.

No comments »

Posted in Computer security, Identity and Information loss, Lawsuits and settlements, computer security software, identity theft, laptop encryption, laptop theft

Tags: Apple Baltimore Counties Hardware Information Commissioners Office insurance laptop laptop theft LoJack Notebooks and Laptops security Theft United States

The case of 50 stolen laptops from Massabesic High School in Waterboro

November 24th, 2011

Looks like stealing laptops from school is very easy. Every other day we are hearing news about missing laptops and that too from schools. Time to tighten school security policies!

The case of the missing laptops and their recovery

The York County Sheriff’s Department has succeeded in recovering 50 Apple laptop computers that were stolen from Massabesic High School this week. Where exactly were they found is not revealed as yet, only that it was a good distance away from the school.

According to Sheriff Maurice Ouellette the laptops are in good condition and had been placed inside two, large plastic tubs with covers on them at the time of recovery.

“This was stuff that kids used to study with … That’s something I take personally,” Ouellette said.

How did the thieves manage to steal these computers?

It appears that the thief or thieves pried open a window to gain entrance to the school. The thieves entered the East Building of the school and did away with the computers and a projector.

“I’ve been working for this school district for a number of years and this is certainly the largest theft of any equipment that i’ve ever experienced or that i know of”, said RSU 57 Technology Director Bob Stackpole

School staff and students were interviewed in detail by the police in hope of getting clues about the theft.

A TV viewer caught this piece of news item on TV and got in touch with the authorities. The total value of the computers was around $60,000.

To catch the thief

Authorities have requested anyone with info about the thieves to get in touch with them. “We’re certainly interested in that, how that took place and at the end of the day we take a look at what transpired, how it transpired, who would have access and who would know, things to that nature”,said Sheriff Maurice Ouellette. The laptops were white in color and had identifying stickers. Currently the laptops are with the police. As soon as the investigation is over, they will be returned to the school.

Alertsec equips firms with encryption software

Alertsec is here to take care of our security issues especially for anyone working with PCs. Al

Stolen Laptops from Massabesic School recovered

Aertsec Xpress is the service that automatically protects ALL information you store on your PC. The fact that we now buy more laptops than desktops shows that the information we all store is increasingly more vulnerable to be exposed. It is a much higher risk to lose a laptop than a desktop computer.

Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, laptops frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.

Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

No comments »

Posted in Identity and Information loss, identity theft, laptop encryption, laptop theft

Tags: Apple Hardware IPhone laptop LoJack Massabesic High School Notebooks and Laptops security Sheriff Theft

Unencrypted laptop stolen from Ruth Crawford QC during Holiday

November 21st, 2011

We have mentioned before about laptop theft cases going unreported. In the following case laptop was stolen in 2009 but the incident came to light only now, after 2 years! To top it all, this laptop belonged to a Scottish lawyer who we expect should have been diligent enough to guard client’s data.

Ruth Crawford QC was on a holiday when her laptop went missing. The laptop contained personal information related to clients who were a part of Ms Crawford’s eight court cases. This data was specifically about the mental and physical health of the clients.

Ms Crawford was lucky that the incident took place in 2009. Had it taken place seven months later, she would have been fined for breaching the data protection Act as that was when the ICO was given new powers to impose fines of up to £500,000.

As of today Ms Crawford has signed an undertaking that says she is going to encrypt all her portable devices and secure them properly. These are the exact words of the undertaking ”The theft occurred while the data controller (Ms Crawford) was on holiday, having left plumbers to fit a new boiler at her home. The data controller provided the plumbers with keys and the code to her alarm. She highlighted the importance of keeping her front door locked and of activating the alarm when leaving the house.

“Upon returning from holiday on September 3 2009, the data controller discovered that the laptop and a purse were missing from her study. She subsequently reported the matter to the police. The commissioner has noted that physical security measures were in place at the time of the incident but that there was insufficient technical security employed on the laptop to protect the data.”

According to Ken Macdonald, Assistant Commissioner for Scotland: “The legal profession holds some of the most sensitive information available. It is therefore vital that adequate security measures are in place to keep information secure.”

“As this incident took place before the 6 April 2010, the ICO is unable to serve a financial penalty in this instance. But this case should act as a warning to other legal professionals that their failure to protect personal information is not just about potentially being served with a penalty of up to £500,000, it could affect their careers too. If confidential information is made public, it could also jeopardise the important work they do in court.

“The ICO would also like to assure the legal profession that any information reported to this office will not be disclosed unless there is specific legal authority for us to do so. Therefore all breaches should be reported to our office as soon as practically possible.”

Alertsec is a data encryption service company. Organisations, be it big or small, must have encryption in place. If you are an individual works independently or is not covered by the organisation can also use self-encrypted drives. Alertsec helps with the installation, the cost of this encryption service is negligible compared with the hassle, cost and embarrassment.

Safeguard your data with Alertsec Encryption Service

No comments »

Posted in Identity and Information loss, identity theft, laptop encryption, laptop theft

Tags: Crawford Cryptography Data Protection Act 1998 Encryption Hardware ICO Ken Macdonald laptop Mental health Notebooks and Laptops Personally identifiable information Ruth Crawford QC Scotland Theft

Two Razer Blade Laptop Prototypes stolen from company’s R&D unit

November 18th, 2011

Does not Razer remind you of sharpness? Well, the Razer company sure needs to ’sharpen’ its data security! Two Razer Blade prototypes were stolen on Nov 4 from the company’s Bay area R&D lab.

The complete story

Razer co-founder Min-Liang Tan’s Facebook statement says”As you can imagine, the return of these prototype units is very important to the company,” he said. “We have already reported this to the authorities who are working closely with us on this matter.”

“We take this act of theft seriously and would like to appeal for its return and discourage anyone from buying the Razer Blade prototypes from the perpetrators, whether online or otherwise, as they are stolen property.”

Razer co-founder Min-Liang Tan’s statement says”As you can imagine, the return of these prototype units is very important to the company,” he said. “We have already reported this to the authorities who are working closely with us on this matter.”

“We take this act of theft seriously and would like to appeal for its return and discourage anyone from buying the Razer Blade prototypes from the perpetrators, whether online or otherwise, as they are stolen property.”

Razer came up earlier this year with a ultra-thin laptop, called the Blade– a $2,800 laptop that’ is not even an inch in thickness and weighs less than 7 pounds.

The break-in

Apparently the thieves had access to the building as it was not exactly a ‘break-in’. They seem to have entered the lobby and quietly nicked off the two laptops. What makes this case more interesting is that none of these laptops were completely functional, so looks like the robbers were not that lucky.

A great loss to the company

Speciality of this Razer laptop was the touchscreen on the right where generally the number pad is located. Razer is requesting the thieves to return these laptops as they contain a lot of diagnostic data. These laptops were getting tested that weekend. Customers are being requested not to buy any such laptop if they are offered one for sale or come across e-bay or craigslist.

Investigation

Police are investigating thoroughly every employee at Razer who swiped their security cards that weekend, in hope to catch the thief. Access logs are being checked out too. Razer has further asked that they are to be contacted about the break-in and/or missing prototypes on the following email “cult@razerzone.com”.

Speculation

Was this just a publicity gimmick? Did Razer secretly want this? What did Razer have to say about it?

Razer has flatly denied these speculations and provided details about the theft. Razer has further stated that it won’t delay the release of the product because of this theft.

Alertsec offers good encryption service

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software. Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, laptops frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.