Verizon Communications

Software update leads to potential data breach

June 27th, 2015

Affected information includes first and last name, Social Security Number, Blue Shield identification number, date of birth, and home address. Financial information was not exposed, according to the letter, and users who had unauthorized access to PHI confirmed to Blue Shield that they did not keep copies. Moreover, those users said they deleted the information and returned any records to the company.

The website is used by authorized users but the software provided unintended result.  It was found out that three users, who logged into their own accounts at the exact same time as another user, were able to view member information associated with the other individual’s account.

According to the Blue Shield Statement:

This issue was reported to the Blue Shield Privacy Office on May 18. The Website was promptly taken off line to identify and correct the problem. The Website’s faulty code was identified and corrected and the Website was returned to service on May 19. Our investigation revealed that this was the result of human error on the part of Blue Shield staff members, and the matter was not reported to law enforcement authorities for further investigation.

The notification letter did not say how many individuals were affected, but Blue Shield added that those potentially affected will receive a free, one-year membership to identity protection services.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Data breach incidents remain undisclosed by Companies

November 3rd, 2013

According to enterprise malware analysts, half of the data breach incidents suffered by U.S. companies go undisclosed.

As per a new survey, 57 percent of malware analysts working on enterprise-related data breaches have addressed security problems that U.S. firms failed to disclose. In order to save reputations or avoid difficult questions by customers and investors, it may be that data breaches are more widespread than first believed, and businesses are far behind in the fight against cyberattackers.

Attempts of attack on security and cyberattacks have become major problems for companies all over the world. If successfully breached, a company network could become an open treasure for hackers, potentially full of customer details including telephone numbers, addresses and card details, sensitive corporate data, or information which impacts national infrastructure security. LivingSocial, Evernote and the Federal Reserve are a among those to be victims of high-profile breaches  taken place this year.

In 2013, Verizon’s Data Breach Investigations Report found that 621 data breaches were confirmed in the year 2012. However when compaired to ThreatTrack’s data which says 66 percent of malware analysts working with 500+ employee enterprises have dealt with undisclosed security problems, the confirmed 621 attack number may somehow be underreported.

“While it is discouraging that so many malware analysts are aware of data breaches that enterprises have not disclosed, it is no surprise that the breaches are occurring. Every day, malware becomes more sophisticated, and U.S. enterprises are constantly targeted for cyber espionage campaigns from overseas competitors and foreign governments. This study reveals that malware analysts are acutely aware of the threats they face, and while many of them report progress in their ability to combat cyber-attacks, they also point out deficiencies in resources and tools.” said ThreatTrack CEO Julian Waits.

To no surprise, 40 percent of respondents said that skilled help is in short supply, this is one of the most difficult aspects of their roles. In an interesting twist, many of the malware analysts said the majority of their time was taken up, thanks to the Internet habits of executives who through browsing pornography sites, clicking on phishing emails and installing malicious apps allow malware to infiltrate networks.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta