Re: CTS: Thief Steals Tax Records

[Adam Shostack <adam () homeport org>]

So without meaning any disrespect George, I think that there are
multiple fair interpretations of what's happened.

1) Arizona CPAs don't care.
2) Arizona CPAs saw your ads and decided that the risk wasn't that
high.  (No comment on the quality of the risk assessment.)
3) Arizona CPAs said "he's trying to drum up business" and let that
color their risk assessment

Similarly, your claim earlier "There was virtually no interest on the
part of the CPA's to protect their customer's information"

1) could be true
2) could be that the CPAs don't know how to differentiate themselves
on this basis.
3) could be that your telemarketer stinks.

I'm glad to have you on the list and discussing your experience.
Please don't take this as anything more than an attempt to offer
alternate hypotheses.

Adam

On Sun, Feb 04, 2007 at 11:37:36AM -0700, George Toft wrote:
| We tried to alert them all.  We published articles and ads in the 
| Arizona Society of CPA magazine.
| 
| George Toft, CISSP, MSIS
| My IT Department
| www.myITaz.com
| 623-203-1760
| 
| Confidential data protection experts for the financial industry.
| 
| 
| blitz wrote:
| > So one would/might postulate at this point the thieves are selecting 
| > smaller targets, with less names and info. Especially ones with less 
| > security, and obviously more to loose should they be compromised.
| > 
| > */There should be an alert to them all.
| > 
| > 
| > /*At 23:39 2/3/2007, you wrote:
| > 
| >> I would expect to see more of these.  I met an accountant in Phoenix
| >> that had just her hard drives stolen - guess what the thief was after?
| >>
| >> This is a sore point for me - we hired a telemarketer to call every CPA
| >> in Phoenix.  There was virtually no interest on the part of the CPA's to
| >> protect their customer's information from this type of event.
| >>
| >> BTW - 800 people for one firm means it's a small firm.
| >>
| >> George Toft, CISSP, MSIS
| >> My IT Department
| >> www.myITaz.com <http://www.myitaz.com/>
| >> 623-203-1760
| >>
| >> Confidential data protection experts for the financial industry.
| >>
| >>
| >> Dissent wrote:
| >> > http://www.wndu.com/news/headlines/5530966.html
| >> >
| >> > Eight hundred people are in jeopardy of having their credit ruined,
| >> > because thieves in the night stole their personal information from a
| >> > Cassopolis tax preparer.
| _______________________________________________
| Dataloss Mailing List (dataloss () attrition org)
| http://attrition.org/dataloss
| Tracking more than 146 million compromised records in 562 incidents over 7 years.
| 
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 146 million compromised records in 562 incidents over 7 years.