BreachExchange mailing list archives
Data breach at Progressive highlights insider threat (fwd)
From: lyger <lyger () attrition org>
Date: Fri, 7 Apr 2006 07:54:44 -0400 (EDT)
From: InfoSec News <isn () c4i org> Date: Fri, 7 Apr 2006 00:33:56 -0500 (CDT) http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110303,00.html By Jaikumar Vijayan APRIL 06, 2006 A recent case in which an employee at Progressive Casualty Insurance Co. wrongfully accessed information on foreclosure properties she was interested in buying highlights again the dangers posed to corporate security by insiders. Progressive officials today confirmed that the company sent out letters in January to 13 people informing them that confidential information, including names, Social Security numbers, birth dates and property addresses had been wrongfully accessed by an employee who has since been fired. Michael O'Connor, a spokesman for the Mayfield Village, Ohio-based company, said officials were alerted to the situation when a local woman complained about receiving calls from a Progressive agent inquiring about her house being under foreclosure. "What happened was that the former employee, who purchased foreclosure property, wrongly used the information in a real estate database," O'Connor said. Though there was no actual hacking involved to get at the data, her actions constituted a violation of Progressive's code of ethics, O'Connor said. "We investigated the situation, the employee was terminated, and we alerted the people whose data was accessed," he said, adding that the matter was resolved in January. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- Data breach at Progressive highlights insider threat (fwd) lyger (Apr 07)