Information security analytics

Insider given 10-year sentence for selling FBI medical records
Ten years behind bars and a fine of $250,000 – that was the penalty for a hospital worker who tried to sell the private medical records of an FBI agent. Texas resident Liz Arlene Ramirez, 36, was found guilty of selling the confidential medical records of an FBI agent to a person she thought was working for a drug trafficker.
Naivety goes hand in hand with negligence
One U.S. state body sends out 64,000 letters containing private data to the wrong addresses, another 7 million people fill in online registration forms with their personal details in order to win non-existent iPods and video-game consoles: According to experts at InfoWatch, naivety and negligence are the two components of the notorious “human factor" that can never be cured.
Large businesses getting to grips with SOX spending
A recent survey by the Business Roundtable shows that almost all of those polled are sure that their expenses on the Sarbanes-Oxley Act will not increase in 2006. According to experts at InfoWatch, this demonstrates that large businesses have, for the first time in many years, learnt to manage their regulatory spending and risks.
200K HP staff affected by laptop theft
A laptop computer with the private details of almost 200,000 HP employees has been lost by the company Fidelity Investments. The data appears to have been unprotected leaving those affected open to identity theft. It is the third incident involving a stolen laptop (Ernst &Young, and Vermont State College) that InfoWatch has reported on this week. The laptop computer with information on nearly 200,000 former and current HP employees was stolen last week, Silicon.com reports.
Laptop theft compromises 14K Vermont College data
Thousands of Vermont State College staff and students have been informed that their social security and credit card numbers were on a laptop computer stolen from the car of a college employee. It is just the latest in a series of laptop thefts and one of three such incidents reported by InfoWatch this week.
US Security Breach Guidelines and Legal Considerations
The Recent Wave of Security Breaches Hardly a week passes without a news story about the theft of personal data from a computer database of a major company or organization. In 2005 alone, the personal information of at least nine million people was compromised by database breaches at companies that keep such information.
A Law Divided: PCAOB Guidance at Odds with SEC
Will external SOX audits reflect kinder, gentler control assessments? Recent SEC guidance stresses "reasonable" vigilance. But the PCAOB response to last years' audits might leave companies toeing a harder line. Too much or not enough? The message sent by the Public Company Accounting Oversight Board (PCAOB) in its latest round of inspection reports—including criticism of auditing work by each of the Big Four accounting firms—seems in contrast to an overall tone lately suggesting that firms need to back off on the level of detail they are examining.
Identity theft victims to get additional passport
Will a special “passport" issued to victims of identity theft help protect them from charges leveled by the police and credit organizations? No doubt it will, but, as InfoWatch points out, preventing the root cause of identity theft is a far more effective method of combating the crime. Legislators in the U.S. state of Iowa have suggested creating a special “passport" to help demonstrate the innocence of those affected by identity theft.
40K BP employees fall victim to Ernst & Young data leak
Yet more victims have been named in connection with the loss of confidential data by Ernst & Young. This time 40,000 U.S. workers of the oil giant BP were notified that a laptop containing their names and social security numbers ended up in the hands of criminals. InfoWatch has recently reported that Sun Microsystems, Cisco and IBM have also been affected by a spate of laptop thefts at the auditing firm.
Merrill Lynch fined 2.5M dollars for email storage failure
Yet another company that failed to maintain its corporate archive properly has been exposed. Merrill Lynch has been fined $2.5 million for violating regulations governing the storage of e-mails. The U.S. Securities Exchange Commission (SEC) fined the brokerage firm Merrill Lynch $2.5 million for failing to store it electronic correspondence correctly.
l.12-.057c.834-.407 1.663-.812 2.53-1.211a42.414 42.414 0 0 1 3.345-1.374c2.478-.867 5.078-1.427 7.788-1.427 2.715 0 5.318.56 7.786 1.427z" transform="translate(-128 -243)"/>