BreachExchange mailing list archives
follow-up: Personal data on stolen NIH laptop was not encrypted
From: security curmudgeon <jericho () attrition org>
Date: Tue, 25 Mar 2008 09:22:35 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://federaltimes.com/index.php?S=3442638 By ELISE CASTELLI FederalTimes.com March 24, 2008 Personal data on a stolen National Institutes of Health laptop was not secured by encryption measures, as federal regulations require. As a result, medical data on nearly 2,500 patients is at risk following the February theft of a laptop from the locked trunk of a laboratory researchers car. The [National Heart, Lung and Blood Institute] recognizes that such information should not have been stored in an unencrypted form on a laptop computer, said Elizabeth Nabel, director of NHLBI, a division of NIH. However, at the time of the theft, the laptop was off and protected by a password that would take considerable computer sophistication to crack, she said in a March 24 statement. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- follow-up: Personal data on stolen NIH laptop was not encrypted security curmudgeon (Mar 25)