SecurityRatty: tag: identifier

Twisty little passages, all alike

2008-05-18 19:29:56 by Richard Clayton in Light Blue Touchpaper

...identifier within it. They are redirected (ONE) by the Phorm system to www.webwise.net The user visits webwise.net by following the redirection. If they do not have a Phorm identifier cookie, then they will be issued with a new identifier and redirected (TWO) elsewhere on webwise.net The user visits webwise.net for the second time. If they...

Tags: cookie, phorm identifier cookie, identifier, phorm identifier, phorm, phorm fools, phorm unique identifier, phorm system redirects, phorm system breaks

Donor personal information was on Lifeblood stolen laptop

2008-02-14 10:17:22 by Evan Francen in The Breach Blog

...identifier. I would much prefer that they create an identifier for me that cannot be used against me later I really appreciate all the work that blood centers do for the communities they serve, but they really don't serve the victims well when they don't take the time to properly secure the information they collect I cannot think of a good...

Tags: mobile blood collection, blood, personal information, memorial blood centers, blood saves lives, blood type, lifebloods blood donors, lifeblood, information

40,000 BlueCross BlueShield members notified of lost laptop

2008-03-11 15:31:27 by Evan Francen in The Breach Blog

...identifier numbers Breach Description Blue-Cross Blue-Shield of Western New York says it is notifying tens of thousands of its members about identity theft concerns after one of it's company laptops went missing Reference URL The Buffalo News WIVB Channel 4 News WGRZ Channel 2 News Report Credit WGRZ Channel 2 News Response From the...

Tags: sensitive personal information, personal information, information, confidential information, laptop, information owners, breach description, breach, security breach

Stealing Phorm Cookies

2008-04-22 17:49:01 by Richard Clayton in Light Blue Touchpaper

...identifier it has is the visiting IP address, and most consumer ISPs give users new IP addresses every few hours or few days. In contrast, the Phorm tracking number will last until the user decides to delete all their cookies A twist on this was suggested by Barrie in one of the comments to my earlier post . If the remote website obtains an...

Tags: phorm, cookie, phorm cookie, isps deploy phorm, phorm identifier, identifier, unique phorm, phorm system strips, system

MBTA Hack - Is it really this easy?

2008-08-15 13:19:29 by Chris Wysopal in Zero in a bit

...identifier that references the account in a central database The tickets do have a unique identifier generated when the card is initially purchased so a fraud detection system could be in place or is planned. But this would require tracking the value on the ticket or the usage of the ticket centrally so it isnt clear why the value is stored...

Tags: massachusetts taxpayer, taxpayer, system, fraud detection system, system costs, public system, massachusetts taxpayer money, charlieticket system, charlieticket

MBTA Hack: Is It Really This Easy?

2008-08-15 13:19:29 by Chris Wysopal in Zero in a bit

...identifier that references the account in a central database The tickets do have a unique identifier generated when the card is initially purchased so a fraud detection system could be in place or is planned. But this would require tracking the value on the ticket or the usage of the ticket centrally so it isnt clear why the value is stored...

Tags: massachusetts taxpayer, taxpayer, system, fraud detection system, system costs, public system, massachusetts taxpayer money, charlieticket system, charlieticket

Laptop stolen in Royal Bolton Hospital break-in

2007-12-19 15:24:44 by Evan Francen in The Breach Blog

...identifier that makes it possible to share patient information across the whole of the NHS safely, efficiently and accurately. The NHS Number is now more important than ever. Currently, patient information is stored in a number of places and a variety of ways - including paper, computer and film. By 2010, every registered NHS patient in...

Tags: confidential personal information, personal information, royal bolton hospital, hospital, sensitive personal information, bolton, information, information security, share patient information

House committee issues report and finds fault with TSA web site

2008-01-15 09:35:53 by Evan Francen in The Breach Blog

...identifier. As a result, every time travelers visited the site to check on the status of their applications, the control numbers they entered to access their files were vulnerable to theft. Once they obtained these numbers, attackers would have access to travelers personal information The Submission Page Was Not Encrypted One of the sites...

Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities

Stolen laptop contained unencrypted Fallon Community Health Plan information

2008-01-25 11:54:27 by Evan Francen in The Breach Blog

...Identifier, used by a provider or supplier to bill the Medicare program, which usually consists of the person's or his or her spouse's Social Security number Breach Description Three laptops were stolen from a Boston office used by an unnamed Fallon Community Health Plan vendor. One of the three laptops contained sensitive personal...

Tags: information, sensitive personal information, fallon, protect confidential information, accesses confidential information, fallon senior plan, senior plan, confidential information, unknown vendor

Securing Network Location Awareness with Authenticated DHCP

2008-03-19 12:47:02 by Steven J. Murdoch in Light Blue Touchpaper

...identifiers which may leak privacy sensitive information (name, employer, office location, job role); even randomly generated identifiers allow a user to be tracked. When roaming, a laptop should not broadcast identifiers unless necessary, and on moving location either pseudonymous identifiers should be re-used or anonymous ones generated...

Tags: network location, location, network location awareness, network, office location, dhcp, network location identifier, logical network, vista dhcp client

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo