Information security analytics

The scandal surrounding the leak of a database belonging to Valuehost – a hosting provider – continues apace. To recap: The incident began with information concerning the theft of Valuehost’s database containing passwords and logins to its sites. Then, when angered customers began leaving the company in favor of its competitors, Valuehost demanded the payment of a breach-of-contract fee. And now Kaspersky Labs has established the wholesale infection of Valuehost sites with the Psyme Trojan.

In America, cases of insiders using personal data for various types of fraud are becoming more frequent. One of their favorite targets is the area of credit. Last week, Florida police discovered a gang engaged in just such machinations. InfoWatch experts warn of a possible increase in cases of credit obtained on the basis other people’s credentials in Russia as well.

As the result of the theft of three mobile computers in London, around 15,000 British policemen face possible identity theft. InfoWatch experts strongly advise against keeping unprotected data on mobile devices and storage devices which employees take outside organization perimeters since the possible consequences are so serious.

The situation around the St. Petersburg company Web Hosting – better known by as Valuehost – is hotting up. Shortly after news of a database with around 100,000 clients’ details being made available online, comes the likelihood of mass court actions. These actions come from private citizens who cite inadequate service levels resulting in breach of contract. The InfoWatch analysis center sees the underlying cause as the company’s lack of a data-protection solution and the presence of internal threats to information integrity.

Yet more news about stolen laptops. Among the victims this time are two large organizations: The American Internal Revenue Service and the British Nationwide Building Society. The former has acknowledged the theft of 478 mobile computers over less than five years. And the latter has sent some 60,000 out of a total of 11 million customers a notification about the theft of private details. The 22,500 American students whose personal data was stolen looks almost paltry by comparison.

In Britain, a campaign is underway to suppress the activities of businesses and individuals which trade in the sale of confidential information. While InfoWatch is glad to see the police giving this issue their attention, it urges companies which possess confidential data to be proactive in protecting their own data themselves.

Last week the InfoWatch analytical center highlighted the recent rise in the number of incidents involving the loss or theft of laptop computers. This week sees yet more victims, with 60,000 Starbucks employees, 1,000 Canadian children, and students and teachers from the Villanova University all affected. Experts at InfoWatch warn that there is unlikely to be a drop in such figures any time soon.

The inconsistencies displayed by the US government are breathtaking. For example, it can declare war on terror and launch invasions of several states, while at the same time publishing bomb-making materials on an official site. According to experts at InfoWatch, that kind of negligence could lead to very real casualties.

The American and European banking sectors have very different approaches to the interpretation and application of the Basel II Accord. Experts at InfoWatch believe this is unlikely to lead to serious problems in practice if, of course, the US doesn’t go back on its word.

Affiliated Computer Services (ACS) is no stranger to news headlines when it comes to lax security of personal data. Experts at InfoWatch point out that the latest leak at the company, the third in quick succession, signifies negligence on the part of management.