Log in

Posts Tagged ‘New Jersey’

Computer backup tapes reported missing from Nemours Children’s Health System

October 27th, 2011

Backup tapes containing patient billing data stolen

Data thieves somehow love stealing patient data or better they somehow know that stealing patient data is a lot easier than any other data. Recent cases of hospital data missing are a clear indication of the above.

The following is yet another case of missing patient billing data. This time thieves have managed to steal three unencrypted computer backup tapes containing patient billing and employee payroll data from a Nemours facility in Wilmington, Delaware. The tapes were supposed to be ’safely’ locked and there was another cabinet containing a computer systems conversion that was completed in 2004. The thieves cleverly stole the tapes and locked cabinet on September 8, 2011 during a facility remodeling project.

As yet there is no indication that the tapes were misused. Fortunately there was no medical data on the tapes. Thieves are going to have a hard time accessing data on these tapes and will need special equipment and knowledge if they want to break this code.

The data in these tapes includes info like name, address, date of birth, Social Security number, insurance information, medical treatment information, and direct deposit bank account information related to 1.6 million patients and their guarantors, vendors, and employees at Nemours facilities in Delaware, Pennsylvania, New Jersey and Florida.

According to David J. Bailey, M.D., President and Chief Executive Officer “This is an isolated incident unrelated to patient care and safety,”. “The privacy of our patients, their families, and our employees and business partners is a high priority to all of us at Nemours.”

Affected individuals are being notified and one year of free credit monitoring and identity theft protection as well as call center support has been offered to them.

In a special press release, patients were told the following:

Nemours has provided high quality and compassionate paediatric care for over 70 years, and the privacy and confidentiality of the information we maintain for our patients has always been an important part of the fundamental trust that we share with our patients and their families.

Needless to say, Nemours is revamping its data security policies. The policy includes data encryption and moving computer backup tapes to a another secure facility.

In a similar incident that we reported last week, backup tapes at TRICARE were lost. TRICARE is a provider of health care services to active and retired military personnel. These are careless and easily preventable mistakes that organizations must take into account.

Alertsec is helping organizations with their data security issues

Alertsec, a reliable name in the world of data security is guiding organizations in their data protection policy. Alertsec Xpress is powered by Check Point Full Disk Encryption – the global leader in data encryption software with millions of users worldwide! For years, Check Point has been protecting more PCs, laptops, PDAs, smart phones and removable storage devices than anyone else in the world.

Alertsec is the frontrunner in offering data encryption software as a fully managed service, and as such, Alertsec is a Check Point Managed Security Service Provider and Global Silver partner. We´re an experienced security organization with well-trained and Check Point certified experts.

No comments »

Posted in Computer security, Data Protection, Identity and Information loss, Uncategorized, computer security software, data encryption, identity theft

Tags: Backup Cryptography data data security David Jackson Bailey Delaware Nemours New Jersey Patient Pennsylvania September 8 2011 Social Security number Theft Wilmington Wilmington Delaware

10 years in prison for stealing $1.4 million Internet Telephone Service:

September 28th, 2010

A hacker named Edwin Pena, 27, was sentenced to 10 years in prison for stealing $1.4 million internet telephone service. He was an unauthorized wholesaler of Internet-based phone services. He sold more than 10 million minutes at deep discounts to customers.

Robert Moore, who was appointed by Pena to help him in his activities, got imprisonment for 2 years. Pena bought large assets in the name of his girlfriend by the money he stole from this act. He bought a Miami home, a 40-foot motor boat, a 2004 BMW M3, a 2005 BMW 325, and a 2005 Cadillac Escalade EXT.

The judge rejected his defensive arguments saying, “He is a crook, I don’t find he has any credibility when he says he’s a changed person.” The case is U.S. v. Pena, 09-cr-103, U.S. District Court, District of New Jersey (Newark).

This all is due to lack of strong data security and data encryption. Companies using sensitive data should hire IT security companies which provide data security software solutions.

How Alertsec Xpress Would Have Helped

The above threat could have simply be reduced to an insurance matter by a mere investment of $13/month. The information would have been secure with no loss what so ever. That is certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model. Feel free to subscribe for your personal 30-day free trial.

Hacker Gets 10 Years for $1.4 Million Internet Theft (businessweek.com)
VoIP hacker sentenced to 10 years (go.theregister.com)

No comments »

Posted in AlertSec Xpress, Alertsec Express

Tags: Cadillac Escalade Cryptography Miami New Jersey Newark New Jersey security Telephone United States

Hackers bypass Captcha

March 2nd, 2010

Do you remember those numbers that you enter for verification while signing up for a new yahoo account? Yes, we are talking about a CAPTCHA (pronounced /ˈkæptʃə/) which is a type of challenge-response test used in computing to ensure that the response is not generated by a computer.

Early CAPTCHAs such as these, generated by the...

Image via Wikipedia

While Captcha ensures security of critical data on the internet, 4 notorious miscreants from California had other ideas. The culprits who were identified as Kenneth Lowson, 40; Kristofer Kirsch, 37; and Joel Stevenson, 37, Faisal Nahdi, 36, were charged in the indictment.

What they did ?

These men who worked for Wiseguy Ticket Inc. hacked into the system of popular ticket sellers such as Ticketmaster, Tickets.com, MLB.com and MusicToday. They bought and resold over 1.5 million tickets to brokers in the New Jersey area. The equivalent value of fraud is estimated at $25 million. These were tickets of popular shows including Bruce Springsteen and Kenny Chesney concerts, also included were 2007 Major League Baseball playoff games at Yankee Stadium and Broadway productions of Wicked and The Producers.

How they did it ?

To provide un-biased access of tickets to popular events, the vendors such as Ticketmaster have put a limitations on the number of tickets that can be bought by an individual or a company. To execute this concept, online vendors have set up necessary software to which detects and prevents automated systems from dispensing bulk tickets in one go.

According to the government the employees at Wiseguy also worked with computer programmers in Bulgaria and developed a network of strong desktops which could be used to impersonate human beings. Evenutllay this lead to bombardment of tickets at the vendor’s place. Apparently, the culprits also had access to fake domain accounts & passworrds.

The Wiseguy team earned profited from the scheme by selling the tickets at a markup to the by charging its ticket brokers a percentage mark-up over the face value.

U.S. Attorney Paul Fishman said the tickets cost consumers an average of $30 a piece, with some premium seats going for more than $1,000, before they were turned over to a regular ticket broker at inflated prices. He also said, ‘Today’s indictment represents a significant step forward in the fight against those who use fraud to disrupt e-commerce and evade computer security’.

Infact this is not the first case were these guys have been caught. The charges also cites references to 42 additional counts of wire fraud; where unauthorized access to computer system has been gained resulting in damage to computers in the local commerce.

About Alertsec

Alertsec is the frontrunner in offering hard disk encryption as a fully managed service. We provide protection for all information stored on laptops and PCs in an easy, convenient, and cost-effective way. Check out our convenient and cost-effective computer security software for Windows 2000, XP, Vista and 7.