Kansas sells computers with privacy information

[Henry Brown <hbrown () knology net>]

http://www.saljournal.com/rdnews/story/HNS-computer-audit-6-18-08

TOPEKA -- Lawmakers expressed alarm Wednesday over a legislative report 
showing that confidential information was left on outdated state 
computers being released for sale to the public.

The Legislative Division of Post Audit found that several state agencies 
had failed to adequately remove sensitive data from some machines, 
including Social Security numbers and password files.

The computers had been turned over to a government office that disposes 
of excess state property for Topeka-based agencies, but they hadn't been 
sold.

However, the report stated the state's problems with handling surplus 
computers posed a significant risk for a costly and embarrassing breach 
of private data to the public or criminals.

[...]

Researchers found that seven of the 15 computers they looked at still 
contained information that's considered confidential under state or 
federal law. That includes thousands of Social Security numbers, names 
of Medicaid beneficiaries and personnel information about state employees.

Password files and other network information that could be valuable to 
hackers were also on the machines.

Another four computers contained sensitive agency files such as employee 
accident reports and architectural drawings of state office buildings. 
One even contained copyrighted music files.

[...]


_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml