AlertSec Xpress

Two men stole an unencrypted laptop

July 25th, 2014
MSI laptop computer

Two men stole an unencrypted laptop

Self Regional Healthcare of Greenwood, S.C. is affected by data breach when two men stole laptop during memorial weekend. It was not clear how many patients were affected by this incident. As per the data, Self regional Healthcare serves around 250,000 patients.

Self regional has notified South Carolina Department of Health. According to reports the patients affected stands around 500 and the records included patients’ names, Social Security numbers, driver’s license numbers, treating physician names, insurance policy numbers, patient account numbers, service dates, diagnosis/procedure information, payment card information, financial account information, and possibly addresses.

Self Regional posted a notice on its website, with comment from President and CEO Jim Pfeiffer

Self Regional takes the security of our patients’ personal information very seriously . . . We retained third-party computer forensic experts to assist with the investigation of this incident, even though the intruders admitted their actions to law enforcement and claimed never to have accessed the laptop. Because we do not have the laptop in our possession, Self Regional must assume there is a possibility that someone may have accessed certain patients’ protected health information.

The two thieves were caught later and one told to the police during the briefing that laptop was thrown in the lake which authorities failed to trace. The act of thief appears to be general theft and not targeted attack for information contained on the laptop. Laptop was unencrypted and pose a threat for the patient’s whose information was present on the laptop.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

- See more at: http://blog.alertsec.com/#sthash.EXcVYngp.dpuf

Unresolved Network Events

July 12th, 2014
English: A candidate icon for Portal:Computer ...

Unresolved Network Events

Survey was conducted for security issues by Emulex and the result shows that 73 percent of IT staff has unresolved network events.

“An unresolved network event is one in which the root cause has not been established and therefore the risk of reoccurrence has not been mediated,” Matt Walmsley, senior marketing manager at Emulex division Endace, told SC Magazine. “These events are still unresolved because these IT pros do not have access to the right post-event forensics tools.”

Key highlights of survey are given as below –

  • Eighty-seven percent of respondents mentioned that they had reported the root cause of a network or security issue to their management but didn’t have the necessary information required to be completely accurate in their assessment.
  • Thirty nine percent mentioned that it occurred at least a few times.
  • Forty five percent of IT staff mentioned that they monitor network and application performance manually instead of using network monitoring tools
  • Eighty three percent said there has been an increase in the number of security events they’ve investigated in the past year
  • Eight one percent of security operations role mentioned their organization has experienced a network security breach.
  • Twenty-seven percent of network breaches were found through manual searches and user reporting without the use of alerting tools.
  • Seventy percent of network operations role have experienced a critical network event that took at least one full business day to diagnose.
  • More than half of U.S. counterparts said network outages or performance degradations cost their organizations more than half a million dollars in revenue per hour.

“IT is facing new challenges related to the growing use of software-defined networking, virtualization and higher performing networks, as well as increasingly more sophisticated attacks on company IT assets,” Emulex senior vice president of marketing Shaun Walsh said in a statement.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Indianapolis hospital sent letters with patient information

July 6th, 2014
English: icon for mailing lists

Indianapolis hospital sent letters with patient information

St. Vincent Breast Center of Indianapolis sent letters with patient’s information to the wrong addresses. The breach has caused St. Vincent to send alert to around 63,000 patients. Incident came to notice, when wrong recipients of the letters began calling hospital about the breach. Letters contained printed information which includes patient names, addresses and some scheduled appointments.

According to the St. Vincent there was no financial data or Social Security numbers involved in the incident. Hospital destroyed the letters which were sent by the patients. But the number of sent letter remains unknown.

“We value the privacy and security of patient information, and regret this mailing error,” Rex McKinney, privacy officer for St. Vincent Indianapolis Hospital, said to wishtv.com. “It is our priority to support those who have been affected and make the necessary changes to our patient mailing process to avoid future occurrences. We sincerely apologize for any inconveniences resulting from this unfortunate incident.” McKinney added that the organization will implement new patient information mailing strategies going forward.

Statement on St. Vincent Breast Center website includes:

Please be assured that the Center is taking steps to mitigate this incident by notifying affected individuals through this substitute notice, media notice, and destroying all letters that have been returned. The Center is also evaluating and making changes to its patient mailing processes internally and with external vendors to avoid an incident of this nature in the future.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

The Alabama Department of Public Health faces data breach

July 4th, 2014
Seal of the Alabama Department of Public Healt...

The Alabama Department of Public Health faces data breach

The Alabama Department of Public Health (ADPH) has send out breach notices for more than 500 patients. According to the reports, the affected includes patients treated at one of Alabama’s 65 county health departments. Patient’s personal information and identities were compromised due to this incident.

Data compromised includes clients’ names, dates of birth, and Social Security numbers from ADPH, as well as several other entities. Privacy Officer Samarria Dunson, “[w]e believe now that it is possible they may have been former employees, but we are still participating in the investigation. It would be particular records that were printed out by individuals.”

ADPH released a statement saying it was informed on June 5, 2014 that the U.S. Attorney’s Office for the Middle District of Alabama and the U.S. Department of Justice’s Tax Division that they were prosecuting a case of theft involving personal information.

“We believe now that it is possible they may have been former employees, but we are still participating in the investigation,” Alabama Department of Public Health Privacy Officer Samarria Dunson.

“It would be particular records that were printed out by individuals,” Dunson said.

Dunson says victims range in age, but most were young adults.

“They were born mostly in the year of 1996 which would make then 18 now. Unfortunately that seems to be a group of people that these type of criminals really go after maybe because they are not filing tax returns right now or really keeping up with their credit score,” Dunson said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Child Vaccination records stolen

July 2nd, 2014

Cryptographically secure pseudorandom number g...

The San Antonio Metropolitan Health District recently suffered data breach when laptop containing information was stolen.

The San Antonio Metropolitan Health District recently suffered data breach when laptop containing information was stolen. According to reports, number of child patients stands at 300 whose vaccination information was present on the laptop. Information on the laptop included patients’ last names, dates of birth, doctor identifier and immunization names.

“Metro Health takes the privacy of individual health information seriously and is reviewing all practices and policies associated with the handling and transport of protected health information,” a spokeswoman said to woai.com.  “While the likelihood of harm from this breach is minimal, those affected by this theft are being individually notified and advised to monitor their health insurance statements closely for any unusual activity.”

Metro Health’s site fails to explain the laptop location at the time of the theft. Also it has been come to the notice that laptop which contained vaccination records from the Vaccines for Children program, has not been recovered.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.