Tag Archives: Open Security Foundation

Immediate Vault Immediate Access

A Breach a Day…Or More

Posted on by

 

More and more we are hearing of the increased frequency with which data breaches are occurring. You read about it the newspaper, see it on the news and sometimes you get notices in your inbox in real-time, like I do. What used to be a once-a-week data breach email alert from DataLossDB.org, an open security foundation, now comes as multiple emails, several times a day.

Quite frightening.

Here are some of the most recent data breach events:

February 27, 2013: TEKsystems, a company affiliated with Bank of America, was charged with monitoring hacker activity from groups targeting the bank — most likely, the collective hacking group known as Anonymous. Not liking the sound of that, a group affiliated with Anonymous released what it claims is “14GB of data belonging to the bank and other organizations, including Thomson Reuters, Bloomberg and TEKsystems.”

February 27, 2013: I thought the first email I received with the title “Laptop of Head of Israel’s Atomic Energy Commission Stolen” was bad, but then I received one the very next day that was even worse. According to various news reports, a second laptop belonging to Shaul Horev was stolen from his home in just one week. It might be time for tighter security.

February 26, 2013: Though this only counts as a potential data breach, it’s still quite alarming. According to the same open security foundation (OSF) from which I receive data breach email alerts, a hospital has left sensitive data belonging to patients and staff exposed on the internet. The worst part is, OSF has made “multiple phone calls, filled out a formal (outsourced) service desk ticket addressed to the hospital’s sysadmin and technical analyst, and sent a direct email to the hospital’s CEO.” Still, they’ve received no response.

February 25, 2013: We’ll head to Canada for this one. According to news reports from the great white north, the loss of a thumb drive has prompted an investigation that has widened to include the Justice Department. The drive contained information regarding Canada Pension Plan disability benefits related to more than 5,000 individuals.

February 21, 2013: Even peacocks are not immune. Last week, NBC announced it was the victim of an attack. Hackers added links to malware on the site, using the Citadel Trojan worm, the same one that plagued the websites of U.S. banks recently.

February 21, 2013: Zendesk, a customer service software provider, announced a security breach that allowed hackers into its system, where they had access to information from three customers — Twitter, Pinterest and Tumblr.

February 5, 2013: The U.S. government seems to be no match for sophisticated system spies. Earlier this month, The U.S. Department of Energy revealed that hackers breached 14 of its servers and 20 of its workstations, making off with personal information belonging to several hundred employees. “It’s a continuing story of negligence,” Ed McCallum, former director of the department’s office of safeguards and security, told the Free Beacon. “[The department] is on the cutting edge of some of the most sophisticated military and intelligence technology the country owns and it is being treated frivolously by the Department of Energy and its political masters.”

These are just a few of the many, many data breach alerts I’ve received in the month of February alone. It leaves one questioning whether we will ever win the war against hackers.