Information security analytics

InfoWatch brings you the latest in statistics and analysis covering information leaks. It includes analysis of most sporadic and systematic leaks, a review of known vulnerabilities, and highlights of leak sources.

Montfort Hospital officials were scrambling on Friday to reassure thousands of patients that an unsecured USB data key lost by a hospital employee did not contain intimate details of their health issues. Information on the USB key, downloaded from a Montfort computer in contravention of hospital rules, contained information on more than 25,000 patients, all of whom have been sent a letter of apology and reassurance signed by Montfort’s chief privacy officer El Mostafa Bouattane.

CUMBERLAND. Personal data of about 275 past and present workers is quickly removed after it's found to be public. Cumberland officials are trying to determine how 275 names and Social Security numbers of current and former town employees were posted to the town's website. Town Manager Bill Shane said the breach was discovered Jan. 9 by an employee who Googled a name, found the personal information publicly available, and notified Shane. The town's website was quickly shut down. Within 30 hours the data had been scrubbed from the Internet, Shane said.

Over the last four years alone, two Japanese swindlers earned over $10 million on the personal information black market. They are, in fact, its founders. Managers of a research firm, Akira Niihara and Junji Hisamatsu were arrested on claims of unlawful receipt and dissemination of private information.

Analysts at Juniper Research assert that loss and theft of mobile devices is the most dangerous threat to businesses today. According to results of the agency’s research, the mobile safety market in the corporate segment will spring up faster than in the personal use sector.  

USA. Rapid7 published the results of an investigation on information leaks in the government sector. For the period of January 1, 2009 through May 31, 2012 there are 268 recorded cases of information leakage, with over 94 million records containing personal information being put at risk.

An audit of the safety systems of Scotland’s municipalities has shown that over the last 5 years, information on over 10,000 people has disappeared. According to a report composed according to results of an audit of Scotland’s government bodies’ performance, since 2007 carelessness or negligence on the part of local government bodies’ employees led to the loss of notebooks, USBs and other carriers of confidential information, including Blackberry phones storing confidential correspondence and etc. The total number of incidents was over 250.

According to the prosecutor, the criminal stole over 100 important documents from the company and tried to transfer the information to China. According to a Reuters report, referencing the prosecutor’s press-service in Chicago, USA, a Motorola employee has been sentenced to 4 years of confinement for publicizing commercial secrets of her former employer.

Indianapolis, USA. Thieves stole a laptop from a Cancer Care Group employee’s car, which contained personal information about 55,000 medical center patients suffering from oncological diseases. The incident occurred on July 19. The Cancer Care Group employee left his work laptop in his car, with information on about 55,000 clients of CCG. Victims of the leak were under supervision at the center, where they are assisted in fighting oncological diseases.

South Korean Internet companies are now forbidden to collect and use people’s passport information, phone numbers and address details. Starting Monday, all South Korean Internet stores, Internet game operators, news portals, and music and software catalogues do not have the right to ask registered users for information related to official personal details.