Michigan State University (MSU) has confirmed that on Nov. 13 an unauthorized party gained access to an MSU server containing certain sensitive data which included the personal identifying information of 400,000 individuals. The MSU data breach, characterized by the MSU President Lou Anna K. Simon as a,”criminal act in which unauthorized users gained access to our computer and data systems”. …
Insider Threat – Canadian privacy breached as PHI/PII goes missing in Manitoba
Patients in Manitoba are receiving notification from their healthcare providers, that their personal and sensitive information has been lost or inappropriately accessed. As all who have responsibility for the security of information, the insider threat is very real. Often times we associate the insider threat to be associated with the actions of nefarious individual. As you’ll read below, the breaches …
Data breach – Are you prepared? Most are not.
According to the new survey conducted by the Ponemon Institute on behalf of Experian, companies are complacent and lack confidence when it comes to data breach preparedness. A result which I found to be most astounding given the fact that every day we read of yet another company, institute, organization or governmental entity experiencing a data breach. The study, “Is Your …
Data breaches in healthcare – The UW data breach
Data breach at the University of Washington – October 2013 In early October 2013 a University of Washington Medicine (UW Medicine) employee opened an email attachment and in doing so launched a piece of malicious software (aka *malware*). The employee’s computer was taken over by the malware and with that action approximately 90,000 patients had their data accessed by criminal …
Crimeware – a book review by Christopher
Five stars to Jakobsson & Ramzan for a most useful guide to understanding the underbelly of the internet. The strength exhibited by this book lies within the all-star lineup of contributors and the thorough dissection of the numerous forms of crimeware. Their book is a must read for anyone who has responsibility or an interest in protecting Personal Identifying Information (PII), Private Consumer Information (PCI) or Intellectual Property (IP).