The Hot Aisle Logo
Fresh Thinking on IT Operations for 100,000 Industry Executives

Data Leakage

Terrifying stories of mass data loss involving Personally Identifiable Data

I have been thinking about data storage and protection recently and how our behaviour is driving massive growth in cost and complexity.  The issue seems to eminate from the fact that we focus on solving backup when the real problem is restoring data: We need to be able to deal with data corruption and incorrectly […]

Continue Reading

My old firm, First Data, have teamed up with RSA, the security division of EMC (NYSE: EMC) to provide a new service called First Data Secure Transaction Management which is engineered to enable merchants to secure payment card data and remove it from their environment while allowing access when needed. Regular readers of the hot aisle will […]

Continue Reading

The Times of India reports that mail services offered to Indian nationals are to be subject to new legislation. Indian investigating agencies dealing with cyber crime have much to cheer following recent amendments to the IT Act. The amendments passed by Parliament require internet behemoths like Google, Rediff and Microsoft — which provide free email services — […]

Continue Reading

David Strom writes in the New York Times about how to stop your commercially sensitive data from falling into the wrong hands: As more small businesses rely on e-mail and instant messaging for their communications, they would do well to use a number of inexpensive methods to preserve privacy and ensure that messages are read […]

Continue Reading

The first arrests in connection with the recently disclosed breach at Heartland Payment Systems Inc. have been made. The Leon County, Florida Sheriff’s office earlier this week announced the arrests of three area residents — Tony Acreus, Jeremy Frazier and Timothy Johns — for allegedly using stolen credit card numbers associated with the breach. The arrests followed a three-month […]

Continue Reading

RBS WorldPay (formerly RBS Lynk), the U.S. payment processing arm of The Royal Bank of Scotland Group, announced on the 23rd December 2008 that its computer system had been improperly accessed by hackers with criminal intent. Approximately 1.5M accounts have been affected with potential exposure of 1.1M US Social Security numbers and other personally identifiable data.

Continue Reading

Recent cases of lost data have damaged public perception of government competence Over 80% of the population in Scotland has lost confidence in the UK government’s ability to look after personal data; this is the stark finding of the first comprehensive survey of its kind into the psychological impact of recent public sector information losses. […]

Continue Reading

The BBC published an interesting article on some research from Symantec. Symantec calculated the figure to quantify the scale of fraud it found during a year-long look at the internet’s underground economy. Credit card numbers were the most popular item on sale and made up 31% of all the goods on offer. Coming in second […]

Continue Reading

The Washington Post reports that a single cyber crime group has stolen more than a half million bank, credit and debit card accounts over the past two-and-a-half years using one of the most advanced strains of computer spyware in existence, according to research to be published today. The discovery is among the largest stolen data […]

Continue Reading

I am not sure if it increasing awareness about personally identifiable data loss or we are just becoming more careless with personal data but the data loss diary for October 2008 is a real stinker. 10 October – Theft of an MOD laptop containing personal identifiers, passport details, National Insurance numbers, family details and medical […]

Continue Reading

The BBC reported today that an inquiry has been launched after a memory stick with user names and passwords for a key government computer system was found in a pub car park. Subcontractor Atos Origin, which lost the stick, said there had been a “direct breach” of its procedures. It said the matter was being taken “extremely […]

Continue Reading

Despite many high profile cases of unencrypted backup tapes going missing, more than a third of organizations still do not know if they should encrypt their backup tapes and half do not know where they would store their tape backup encryption keys. This is one of the alarming findings in the new 2008 Encryption and Key Management […]

Continue Reading

I picked up an extremely interesting article in the UK’s Daily Telegraph this morning. The article claims that some Chip & PIN Point of Sale devices manufactured in China have been tampered with at source and that PIN numbers and other secure data has been sent to offshore thieves. Dr Joel Brenner, the US National […]

Continue Reading

Deutsche Telekom is involved in the latest data leakage scandal. The mobile division T-Mobile has admitted that over 17 million customer data records were stolen in 2006. Der Spiegel reports that the Personally Identifiable Information (PII) records, phone numbers, addresses, birth dates and some e-mail addresses of customers, were being offered for sale on the Internet. The stolen […]

Continue Reading

I have been catching up on press releases that have come in since I have been on holiday and picked up one from Secerno. Perimeter application firewall requirement leaves customer data vulnerable to growing insider threat, claims database security expert Secerno’s products are designed to protect the database by implementing a set of perimeter controls […]

Continue Reading

I picked up a press release about a medium sized firm of Financial Advisors changing over from paper based to scanned images for storing their client files. Independent financial advisors, IFS, standardise on Kodak’s ScanMate i1120 scanners to manage client files * Financial Services Authority requires client paperwork to be stored indefinitely * Moving away […]

Continue Reading

The Daily Mail reports that a UK Government investigation was launched after the personally identifiable information (PII) of more than a million bank customers was found on a computer sold on eBay. Highly sensitive information on American Express, NatWest and Royal Bank of Scotland customers was found on the disk array sold for £35.88 (about […]

Continue Reading
«