BreachExchange mailing list archives
Re: OT? GAO: Data breach Notification; Lessons Learned
From: "richard titus" <phystarus19 () earthlink net>
Date: Mon, 7 May 2007 09:07:46 -0400
The current push to allow Federal employees to work from home or from remote locations clearly needs to be reexamined for its data security implications. richard ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ----- Original Message ----- From: Al Mac To: Data Loss Incidents Sent: 5/5/2007 11:22:15 PM Subject: [Dataloss] OT? GAO: Data breach Notification; Lessons Learned I predict, that in the future, some of these lessons may be learned again. Privacy: Lessons Learned about Data Breach Notification. GAO-07-657, April 30. Much of this concerns internal prompt notification, like to law enforcement and within organizational hierarchy, getting correct names & addresses of who to notify and other legal complications. The GAO report includes a summary of data breach incidents at 6 gov agencies (Depts of Agriculture, Defense, Education, Health+Human services, Transportation and Veteran's Administration) ... any here we did not already know about? * 2006 Jan Farm Services FOIA contractor oops on 80,000 tobacco producers * 2006 Mar Navy Marine Corps thumb drive lost 207,570 individuals * 2006 May VA employee home burglarized affecting 26.5 million * 2006 June National Student Loan CD lost in transit on 13,756 individuals * 2006 June HHS contractor employee laptop stolen 49,572 Medicare beneficiaries * 2006 Dec DoT laptop stolen from car parked in FL 133,000 commercial drivers & FAA pilot licensees http://www.gao.gov/cgi-bin/getrpt?GAO-07-657 Highlights - http://www.gao.gov/highlights/d07657high.pdf GAO conclusions specifically on VA data breaches. http://www.gao.gov/highlights/d07532thigh.pdf
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 207 million compromised records in 649 incidents over 7 years.
Current thread:
- OT? GAO: Data breach Notification; Lessons Learned Al Mac (May 05)
- <Possible follow-ups>
- Re: OT? GAO: Data breach Notification; Lessons Learned richard titus (May 07)
- Re: OT? GAO: Data breach Notification; Lessons Learned Al Mac (May 07)