Information security analytics

Last weekend, an electronic device, which contained 11,000 recordings, was stolen from a building of the University of Victoria. Among the compromised personal data were social security numbers of employees, bank account details and other information. The device was not encrypted.

The European Commission has amended the law on the protection of personal data. The Commission believes that priority tasks are the standardization of data defence systems over the entire European territory, the widening of data subject law, the toughening of punishment for unauthorised use of data. Among the amendments is a series of proposals for the protection of children during the use of internet resources. By the end of 2012, the Commission expects the approval of the legal project by European states.

CSDN, employees of the largest Chinese communities of software developers, under the management of Bailan Midami Digital Technology Co, Ltd, published a text file on the Internet, which included information on account users; usernames, passwords and e-mails. As a result of the leak, 6 million people suffered. In the release it is not reported, how long the database was in open access. Now at CSDN, the passwords of all users, whose information was compromised, are actively being changed. Source

A Federal Court in Switzerland has sentenced a former employee of Swiss bank Credit Suisse to two years (on probation) and a fine of 3500 Swiss francs for the theft of personal data of clients.

The analytical centre of Infowatch is informing of a compromise of the European database of VISA holders. The Romanian bank CEC has already blocked 17,000 VISA cards.

Another confidential data leak has been registered by the InfoWatch analytical center. A database with personal information on the more than 19,276 students enrolled at UTPA (The University of Texas-Pan American) was available for two months due to a University employee error. Student names, e-mails, addresses, phone numbers, IDs, as well as all GPAs, majors and other data were posted online.

As reported by the Russian news service with reference to one of the Fund’s clients, the Fund’s web-site (ПФР) published a file with personal information of the clients. Full names, personal tax reference numbers, insurance and savings-account values of some of its clients can be searched through «Яндекса».

A serious breach of the personal information protection law has been reported by one of the Pentagon’s major contractors. Up to 4.9 million of patients, who have received care from military facilities in San Antonio since 1992, have been affected. According to Science Applications International Corp., the breach was caused by the theft of backup tapes with health records. Some of the records contained social security numbers, addresses, phone numbers and health data of patients from 10 states.

One of the Pentagon's largest contractors said it had discovered a data breach affecting as many as 4.9 million patients who have received care from military facilities in San Antonio since 1992. Science Applications International Corp. said the breach involved backup computer tapes from an electronic health care record. Some of the information included Social Security numbers, addresses, phone numbers and private health information for patients in 10 states.

Auf dem gerade beendeten CIO Europe Summit 2011 in Berlin präsentierte der Security-Lösungsanbieter InfoWatch führenden Wirtschaftsvertretern Informationen und neueste Statistiken zu Data Leakage Prevention (DLP). Neben der Diskussion über vermeidbare Daten-Verluste im vergangenen Jahr wurde ergänzend das enorme Potenzial von DLP-Technologien beim Einsatz in Unternehmen und Institutionen erläutert.