Posts Tagged ‘laptop’

Around 1000 patients of Lexington Clinic lose data because of Laptop theft

January 31st, 2012
Seal of the United States Federal Trade Commis...

The Federal State Commission issues data protection guidelines. Lexington Clinic suffers data breach

We have mentioned this before and are reiterating – Medical data is very very vulnerable. Most data breach and laptop stealing cases are related to Medical data. We have covered so many posts related to medical data breach that they have almost become a routine now! It is as if Medical data simply cannot be secured. Is the data security world listening? It is so very important to protect data, especially patient data.

Breaking news: Today’s post highlights the vulnerability of medical data breach and laptop thefts.

Lexington Clinic Laptop Theft

According to the Lexington clinic the laptop was atolen last month from the neurology department in the Saint Joseph office park on Harrodsburg Road.

The clinic further adds that the laptop contained patients’ names and some medical information. Fortunately it did not contain Social Security, credit card, or bank account numbers. A total of 1,018 patients lost their private data.

Letters are being sent to the affected parties.

The moment Lexington Clinic  found out about the theft, it informed the police and all door locks to the neurology department were urgently changed. Lexington Clinic is currently working with the St. Joseph security officials to ascertain the security of offices located in the St. Joseph Office Park.

Note for Lexington Clinic patients – In case you have been or currently are a patient of the Lexington Clinic Neurology Department, and if you have not received a letter about this theft then it is safe to assume that your data was not on the stolen laptop. So far there is no proof that any of the stolen data has been misused.

The Federal Trade Commission is requesting everyone to take steps to protect information:

Beware of signs of identity theft, such as:

• Bank Accounts you didn’t open and debts on your accounts that you  are not aware of

• Wrong information on your credit reports, including accounts and personal information, such as your Social Security number, address(es), name or initials and employers.

• In case you do not receive your bills on time, follow-up with your creditors.

• Receiving credit cards that you didn’t apply for.

• Being denied credit or being offered less favorable credit terms. If it is too good, then it is not true

• Receiving calls or letters from debt collectors or businesses about merchandise or services you didn’t buy.

About Lexington Clinic – It is Central Kentucky’s oldest and largest group practice, with more than 200 providers offering primary and specialty care services. Founded in 1920, Lexington Clinic offers more than 30 specialties and operates offices in more than 25 locations throughout Central and Eastern Kentucky.

Source: LexingtonClinic.com

Alertsec secures your Laptops

3 easy steps to encrypt your data with Alertsec

a. Register for your subscription or 30-day free trial of our encryption software

b. Download and activate Alertsec Xpress online

c. Your laptop is now powered by Check Point Full Disk Encryption

Enhanced by Zemanta

The European Union to revamp data-protection rules that will control information flow

January 24th, 2012

Europe has been struggling for stricter data breach laws for a long time. The recent data thefts have pushed the EU to make tough rules as regards data breaches and data security. This certainly is the need of the hour, not only in Europe but all over the world as data breaches are on the rise and hackers are taking advantage of the loopholes in the system.

English: European Commissioner Viviane Reding

EU Justice Commissioner Viviane Reding talks about introducing new data protection regulations

The European Union is in the process of proposing new regulations regarding how companies use the personal information of Internet users this week. The new regulations are going to have a major impact on companies like Google and Facebook. This is going to put stricter limits on how they use the information of the people that use their services. According to Viciane Reading, vice president of the European Commission, a branch of the EU, these new regulations are absolutely required to protect personal data of the users and rebuild a sense of confidence in them.

The current state of security laws in Europe:
At present there are conflicting laws from various countries that form the Union. These laws force the companies to collect data on consumers from the Internet. Companies who do not follow any regulations are becoming a victiom of data breach and are always at loggerheads with the governments. For e.g. Facebook, has been in the limelight as it was targeted by both U.S. and European regulators for the wayt they use user data. The company underwent 20 years of independent audits after the U.S. Federal Trade Commission proved that the company’s use of customer information was illegal.
What data privacy means for consumers?
Privacy is a major concern for today’s insurance industry. The more transactions we carry out online, the more we stand to risk of becoming a target of cyber crime. Data Breaches  puts information of millions of consumers at risk and that means monetary losses for companies and insurance groups.

What will the new rules exactly do?

The new rules will make it compulsory for financial services firms and credit card processors to report incidents of lost or stolen data within 24 hours of a breach. These rules are set to come into effect today. The companies must, as per new rules, appoint a data protection officer to preside over the protection of personal data stored and processed by individual businesses.

EU Justice Commissioner Viviane Reding’s comment

“I want to explicitly clarify that people shall have the right – and not only the ‘possibility’ – to withdraw their consent to the processing of the personal data they have given out themselves,” says Reding. “If an individual no longer wants his personal data to be processed or stored by a data controller, and if there is no legitimate reason for keeping it, the data should be removed from their system.” ”Companies that suffer a data leak must inform the data protection authorities and the individuals concerned, and they must do so without undue delay,” adds Reding. “As a general rule, without undue delay means for me ‘within 24 hours’.”

Data security with Alertsec
Following the essential guidelines is very necessary for data security in any organization. This news exemplifies the need for data protection applications. In an incident which highlights the need of Data encryption software and recovery software, the threat could have simply been reduced to an insurance matter by a mere investment of $13/month. The information would have been secure with no loss what so ever. That is certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers a very good and easy-to-use laptop security. There are no short cuts to Data security in any organization. Alertsec offers ervice that includes more than the traditional software licensing model.
Enhanced by Zemanta

Data breach at Kansas Department on Aging

January 21st, 2012
English: Laptop

Laptop stolen from vehicle belonging to the Kansas Dept. of Aging

Stealing valuables, especially laptops and pen-drives, are in vogue. Thieves have gotten very smart and have realized the value of laptops and mobile devices. It is very difficult to track such thefts and data thieves are getting away easily.

The above will be more clear after reading the following news story.

A laptop computer, flash drive and paper files were stolen from a locked vehicle that belonged to an employee of the Dept.on Aging, Wichita. The Kansas Department on Aging is informing clients tabout this information breach.

The theft took place on Jan. 12 at the Best Western Airport Inn, 6815 W. Kellogg. The suspects broke a rear window on a state-owned car that contained the laptop and paper files. Apparently the employee had covered the items with a blanket before getting into the hotel for safety sake.

Emerging details

The laptop contained data about department clients in Sedgwick, Harvey and Butler counties. So far the police have not been able to recover any of the items. At the same time there is no proof that the stolen information has been misused.

According to the Department on Aging no banking or driver’s license information was involved. But there is a possibility that the stolen information could have full names, addresses, Social Security and Medicaid information and other personal or protected health information. The stolen data also contained social security numbers of 100 people that were a part of the Senior Care Act program.  The Department of Aging is trying to reach these people over phone to inform about the theft.

Comments by Secretary Shawn Sullivan of the Department on Aging: ”To date, the laptop, the flash drive, and the paper files that were stolen, has not been recovered. There’s also no evidence to date that shows the information has been accessed or been misused,”. ”Our staff immediately began notifying and calling the families and the customers that was affected with those 100 files. For the most part, they’ve all been very understanding, very appreciative that we notified them immediately,”

The affected parties have been requested to check all bills and check on credit reports.

“You want to know what’s on your credit report. You want to see and recognize any changes or things that you don’t understand. You can see what changes are happening in your credit report and make sure they’re all accurate and up-to-date,” said Clifton O’Neal, communications director for TransUnion.

Data security with Alertsec

Alertsec is here to take care of our security issues especially for anyone working with PCs. Alertsec Xpress is the service that automatically protects ALL information you store on your PC. The fact that we now buy more laptops than desktops shows that the information we all store is increasingly more vulnerable to be exposed. It is a much higher risk to lose a laptop than a desktop computer.

Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, laptops frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.

Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

Enhanced by Zemanta

University of Victoria loses banking data of 11,000 accounts during a break-in

January 11th, 2012

Universities and schools have wealth of data and thus are vulnerable to data thefts. It is of utmost importance to store this data, either online or offline, in a safe place.

Today’s news story revolves around data theft at the University of Victoria, B.C. Canada.

Over the weekend electronic devices like laptops, mobiles and storage devices were stolen from the University. In addition, cheques and a small amount of cash was stolen too. The stolen information contained names, payroll information and social insurance numbers of UVic employees dating back to Jan. 1, 2010. The disturbing aspect of this case is that the information stolen belonged to current and former employees and also contractors. Also disturbing is the fact that some of this information, especially the names, social insurance numbers and banking information was unencrypted.

According to Gayle Gorril, the univerity vice-president “It included … bank account information needed for direct deposits, social insurance numbers and payroll information,” Gorrill told CBC News late Monday. She further added that an information line has been set up on the website and that employees are being contacted. The affected individuals will be reimbursed bank fees and new checks, promised Gorrill.

Saanich police  and a forensic investigator are working on the case. According to the Police this work is of more than one person.

What the Privacy commissioner has to say about the theft?
According to Elizabeth Denham, the privacy commissioner, sensitive information must be encrypted at all times. Also public and private organizations must take measures to protect personal data. Denham further said. “A social insurance number is a sensitive piece of information because it’s a key to many other data about individuals, and it’s one of those numbers you can’t change,”. ”We are concerned because this type of information can be used for identity theft and fraud — it’s potentially harmful for individuals.”
UVic employees are constantly calling the Coast Capital Savings credit union’s call centre for information. They have been requested to close their accounts and set up new ones. The employees have also been asked to track their credit card transactions.
Employee reactions
“Number of credit alerts successfully placed on my credit report: None.”
Caitlin Morrison, a graduate student and employee, said, “You would hope that an organization like the university would have better systems in place to avoid such a widespread problem.”
Janni Aragon, a political science instructor, feels that the university should have informed employees immediately.
“I know a lot of my colleagues are angry we found out at the end of business day [Monday],” she said.
More about laptop security from Alertsec
Laptops generally get stolen from the work place, conference centers, hotel rooms, cars, airports and train stations.  It is difficult to prevent theft as opportunists are everywhere in our society.
Best bet would be to make sure  having a fresh back-up on a server or back-up device.
Lastly, by using encryption software, you greatly enhance the laptop security as there is no way that the information is compromised if lost or stolen.

University of Victoria sign at campus entrance...

Data stolen from the University, suspects at large

Enhanced by Zemanta

Another unfortunate coincidence for Telstra – Data breached again!

January 3rd, 2012

Heard of the same company becoming a victim of data breach twice within weeks? Well, it is certainly strange and unheard of but the recent breach at Telstra breaks the pattern! Telstra has experienced another data breach, it is yet to recover from the earlier one!

How did Telstra manage to become a victim for the second time?

The Australian reports that the breach took place Friday morning. Customer data was seen online via a spreadsheet  that was deployed by one of the company’s consultants on Editgrid.com. As soon as Telstra learnt about it, the site that contained the sheet was taken down and access to Editgrid was disabled. The company admits that thousands of emails addresses, phone numbers and postal details were leaked but passwords, credit or financial information was not compromised. A total of 1500 customers were affected by this breach.

What did the spreadsheet contain?
The spreadsheet held records of BigPond clients who contacted the telco’s customer service department for technical assistance. In addition the spreadsheet contained ticket numbers and job descriptions of complaintss lodged by Telstra customers. The online file also had details of  customer callbacks and information about faulty equipment. According to a Telstra spokeswoman “Our customers’ privacy is paramount and the site was disabled within an hour of Telstra being made aware of it”.
What is Telstra doing about the incident?
Telstra is reaching out to the customers and informing them about the incident. The customers will also be trained about data security.
Telstra tower

Telstra back in news for another data breach

The earlier breach

The Privacy Commissioner is currently working on the earlier breach and now has been notified about the second one. No doubt, he is going to be a busy man. In the last breach around 80,000 customers were affected when private information was exposed through a website search tool. Passwords had gotten exposed and Telstra had to reset all of them. Mr Pilgrim, the commissioner, had to look into Sony PlayStation and Vodafone’s major breaches.

Customer data was seen online via a spreadsheet  that was deployed by one of the company’s consultants. As soon as Telstra learnt about it, the site that contained the sheet was taken down. The company admits that thousands of emails addresses, phone numbers and postal details were leaked but passwords, credit or financial information was not compromised. A total of 1500 customers were affected by this breach.

As per the latest update, Telstra customers have not yet been contacted about this latest breach. No wonder they are angry and are waiting to hear from the company.

Data security with Alertsec

Alertsec is here to take care of our security issues especially for anyone working with PCs. Alertsec Xpress is the service that automatically protects ALL information you store on your PC. The fact that we now buy more laptops than desktops shows that the information we all store is increasingly more vulnerable to be exposed. It is a much higher risk to lose a laptop than a desktop computer.

Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, laptops frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.

Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

Enhanced by Zemanta