Information security analytics

RentPath, Inc., formerly known as Primedia, recently began notifying employees, former employees and applicants that their personal data may have been accessed by an independent contractor. According to the company, on June 20, 2012, an independent contractor working in its network operations group was seen on security tapes stealing more than 50 pieces of computer hardware.

An employee of Institutional Shareholder Services (ISS) shared nonpublic voting data in exchange for $15,000 in concert tickets and $20,000 in meals. From 2007 through early 2012 an ISS employee provided nonpublic information on how over 100 ISS clients were voting on proxy ballots to a firm that gathers shareholder votes. ISS will pay The Securities and Exchange Commission $300,000 to settle civil charges and penalties.

The Financial Supervisory Service has punished credit finance lender IBK Capital for leaking private information of its customers, FSS officials said Tuesday. The state financial regulator said it issued a 6 million won ($5,500) fine and individual cautions to two executives and three employees of the capital firm. The five are held responsible for exposing names and contact numbers of some 5,700 customers without consent in 2012, the FSS said. About 700 of these customers had their credit rating information stolen as well.

An investigation was launched after private details on a massive scale were sent to controversial contractor G4S. The data breach involving personal information about more than 1,000 ‘backroom’ staff at Cambridgeshire, Bedfordshire and Hertfordshire police happened amid negotiations to privatise services. That deal was scrapped after the private firm was caught up in the fiasco over providing security for the London Olympic Games.

Technical failures within the Pentagon’s IT infrastructure have led to a mass data leak of defence documents and over half a million emails regarding the cases of Guantanamo Bay detainees. According to Commander Walter Ruiz, the lead defence counsel for the lawyer for Mustafa al Hawsawi - one of four men being tried over their alleged involvement in the 9/11 attacks - a “significant amount of defence work” was lost from a drive along with “over 500,000 emails containing attorney-client privileged communications”, reports Frontline.

Secret documents from WWI, which the government had order to be destroyed, were recently discovered just outside Usk. Jeremy Arter, a former soldier, was clearing out his aunt’s attic and came across the documents. “I was about to throw everything away but, leafing through, I saw a book with MI7(b) written on it and decided to take a closer look.” It was lucky he did because the documents turned out to be the only surviving examples of work from the WWI propaganda organisation, formerly know as MI7.

News headlines may make it sound like there's always an organized cybercriminal syndicate waiting to break down the firewall and steal everything in the corporate network. Flashy headlines and referencing scary hacktivist groups may be good for the media, but those strategies also take attention away from significantly more common risks.

The massive Earthquake Commission privacy breach involving the details of more than 80,000 people is just another reason not to take the organisation seriously, Christchurch residents say. EQC announced that every Canterbury resident who had made a home repair claim after the quakes had their privacy breached last week. It is believed to be one of the largest privacy breaches by a government agency in the country's history. EQC bosses have been summoned to Earthquake Recovery Minister Gerry Brownlee's office.

As the use of mobile devices, file-sharing software and cloud services has been on the rise among healthcare providers, data breaches have been rising steadily along with them. A hefty 94 percent of healthcare organizations who participated in an annual survey said they had at least one data breach in the past two years. What’s more startling is that 45 percent said they’d had more than five incidents, and half reported little or no confidence that their organization had the ability to detect all patient data loss or theft.

This paper presents new research carried out by European analysis company Quocirca amongst 150 enterprises with over 1,000 employees in the UK, France and Germany. Even though organizations are increasingly aware of the damage that can be done to their reputation and customer trust through the misuse or loss of sensitive data, a new report reveals that only 22% of businesses have implemented secure printing initiatives, indicating a low level of awareness of the efficacy of this attack vector.