Information security analytics

Security and law enforcement professionals are appalled that their personal information was leaked by Guidance Software, a security software and training company they say should have known better than to leave an unencrypted database exposed on the Internet.

The identities of more than 50,000 customers of major Bahamas resort Atlantis have been exposed to possible identity fraud following the theft of personal information from the hotel, the owners said. Kerzner International Ltd., owner of the luxury 2,300-room Atlantis resort on Paradise Island, revealed details of the data theft in a document filed with the Bahamas Securities and Exchange Commission. Information stolen included names, addresses, credit card details, social security numbers, drivers license numbers and bank account data, the filing said.

A medical office has warned about 700 patients that their personal data may have been compromised by the theft of six computers. Authorities said the office of Squirrel Hill Family Medicine, which is owned by the University of Pittsburgh Medical Center, was broken into over the Dec. 17-18 weekend. One of the six computers taken contained a file with names, Social Security numbers and dates of birth for patients, but not their medical conditions, UPMC spokeswoman Jane Duffield said.

Reduced documentation could hit Big Four fees The costs of complying with Section 404 of the Sarbanes-Oxley Act are expected to drop by 40% in the second year under the new rules, according to a survey. A sample of the Fortune 1000 companies by consulting firm CRA International, undertaken on behalf of the Big Four, showed that costs associated with meeting the regulations on internal control the second time around will be much smaller for both larger and smaller listed companies.

A new year and an old story: Americans fall prey to data theft. A new year and another old story: Congress does nothing about it, not even requiring companies to inform consumers of the breaches. According to the Privacy Rights Clearinghouse, 2005 saw more than 100 reported breaches involving the personal data of more than 50 million Americans. Most of the breaches occurred after Congress got riled at ChoicePoint in February and swore action to protect consumers.

The world's largest bank has mistakenly sent the account numbers of 580 companies to the wrong addresses. Bank of Tokyo-Mitsubishi UFJ was quick to blame human error for the programming blunder and not the computer system at the recently merged financial institution.

New Jersey has joined a handful of states with something that New York and the federal government lack — a law to give people some protection against identity theft. More than 55 million Americans became vulnerable to identity theft by computer breaches and break-ins alone in 2005, making it the worst year yet for cybercrime.

ABN Amro's LaSalle Bank reported that it lost back-up tape with private data of 2 million customers on Friday. However on Tuesday the bank said that the tape was found and sensitive records were safe. Despite there is no evidence of misuse of data, it is recommended that clients use free credit monitoring program for 1 year.

PC with 70,000 private records was stolen from a Ford facility. Names, Social Security numbers and etc. are now compromised.

The Board found that many audits were not as effective as they might have been, and offers suggestions After monitoring the implementation of Auditing Standard No. 2 the Public Company Accounting Oversight Board has issued a report on the problems it found. Auditing Standard No. 2 concerns Sarbanes-Oxley Sections 404 and 103 and the process of auditing a corporation's internal controls. The report describes how audits could be more effective and efficient in the future, using less time and resources to locate the material needed to form an auditor's opinion.