SecurityRatty: tag: suppose

J.C. Penney customers affected by lost GE Money backup tape

2008-01-18 10:24:59 by Evan Francen in The Breach Blog

...suppose you want to be sure you get it right Since December, the company has been notifying consumers in batches of several thousand and telling them to phone a call center set up to deal with the breach. The notification is expected to be completed next week Penney's card holder Elizabeth Rich of Everett, Wash., got one of the GE Money...

Tags: penney, penney customers, tape, backup tape, money, sensitive personal information, personal information, penney card immediately, information security practices

Sexy Development Lifecycle

2008-01-30 01:37:00 by sdl in The Security Development Lifecycle

...suppose that a few of those people might use my ideas to find vulnerabilities in the field, which is good. But security shouldnt start with the pentester after all, you cant test security into a product. Security should start with the developer, and then continue on with the tester, the pentester, the netadmin, and everyone else in the...

Tags: developer security, developer security issues, security issues, developer, love developer cons, security, attend developer cons, developer cons, sdl

WakeMed Emergency Department laptop goes missing

2008-01-31 01:32:38 by Evan Francen in The Breach Blog

...suppose that an identity thief would announce their intentions somehow? Identity theft grabs more headlines now than it ever did, and there are victims every day. What makes people think that the risk is minimal and there is "no reason to believe" that a thief may be interested in the information on the computer. Even if the thief isn't...

Tags: sensitive personal information, information, medical information, download diagnostic information, emergency department, county ambulances, ambulances, laptop, county

Stolen Salesforce.com unencrypted external storage device

2008-02-12 13:32:40 by Evan Francen in The Breach Blog

...suppose recovery could happen, but I'm not holding my breath We take our obligation to safeguard your personal information very seriously, and are working to further enhance our data security practices to prevent this type of event from reoccurring Evan] I see this same (or very similar) remark in almost all breach notifications. IF a...

Tags: external storage device, storage device, sensitive personal information, personal information, device, personal information includes, information, salesforce, data

Throw away your digital picture frames

2008-02-19 03:36:49 by Steve Riley in Steve Riley on Security

...suppose. Yet this isn't a cure-all: if you're logged in as administrator, the virus helpfully re-enables Autorun. Sheesh! If you own one of these frames, SANS suggests that you take it to a friend who has a Mac or Linux box and plug it in there. Yeah, that's good advice; there exist no viruses for these operating systems, correct? It's...

Tags: frames, picture frames, trojan, generic trojan, digital photo frames, trojan horse, virus apparently, malware, windows

Irish jobs site compromised and personal information accessed

2008-03-31 10:13:21 by Evan Francen in The Breach Blog

...suppose that the "hackers" came into the possession of a log-in and password? Did they get it from a stolen laptop or other piece of equipment? Did they get it from someone's Post-It note? Did they socially engineer a legitimate user? Let's suppose that the "hackers" obtained the log-in through social engineering, or a social engineering type...

Tags: jobs, information, personal information, job-seekers site jobs, site, identity, identity theft, breach description, breach

Oklahoma State University Parking Services server is compromised

2008-05-15 15:08:54 by Evan Francen in The Breach Blog

...suppose information security personnel knew that sensitive personal information was stored on the server prior to this incident Upon discovering this intrusion, the IT Information Security Office immediately removed the server from the network to evaluate server activity to ascertain if personal information had been accessed The...

Tags: server, sensitive personal information, personal information, information, server administrators, server immediately, server prior, database server, confidential information

NHTI loses thumb drive that may have contained student information

2008-06-24 17:21:39 by Evan Francen in The Breach Blog

...suppose that this particular flash drive could have ended up in the garbage or destroyed somehow, but if someone found it, I think chances are pretty good that someone will find the information. The difficult part is trying to determine what someone will do with the information once they have it, I suppose However, out of an abundance of...

Tags: flash, lost flash drive, information, usb flash drive, usb, sensitive personal information, personal information, flash drive, confidential information

Indianapolis Power and Light customer data exposed for up to four years

2007-12-06 09:27:41 by Evan Francen in The Breach Blog

...suppose customers just assume that a reputable company would be doing the right thing. There is also no mention of whether or not IPL contacted the various internet search engines (Google, Yahoo, etc.) to have the information removed from cache, but maybe we should just keep assuming Past Breaches Unknown

Tags: ipl residential customers, ipl, residential ipl customers, information, collect personal information, customers, light customers, sensitive personal information, information affects

Passport Canada web site suffers serious breach

2007-12-05 11:51:09 by Evan Francen in The Breach Blog

...supposed to use high-tech security," Mr. Marsden said in an interview. "You'd think it wouldn't be that bloody simple Comfyllama] Mr. Marsden was one of the people that had his application revealed on the site I think it's very clear that a strong, mandatory security-breach law is long overdue in this country and it's cases like these that...

Tags: passport canada, information, personal information

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo