BreachExchange mailing list archives
Kansas sells computers with privacy information
From: Henry Brown <hbrown () knology net>
Date: Fri, 20 Jun 2008 06:14:19 -0500
http://www.saljournal.com/rdnews/story/HNS-computer-audit-6-18-08 TOPEKA -- Lawmakers expressed alarm Wednesday over a legislative report showing that confidential information was left on outdated state computers being released for sale to the public. The Legislative Division of Post Audit found that several state agencies had failed to adequately remove sensitive data from some machines, including Social Security numbers and password files. The computers had been turned over to a government office that disposes of excess state property for Topeka-based agencies, but they hadn't been sold. However, the report stated the state's problems with handling surplus computers posed a significant risk for a costly and embarrassing breach of private data to the public or criminals. [...] Researchers found that seven of the 15 computers they looked at still contained information that's considered confidential under state or federal law. That includes thousands of Social Security numbers, names of Medicaid beneficiaries and personnel information about state employees. Password files and other network information that could be valuable to hackers were also on the machines. Another four computers contained sensitive agency files such as employee accident reports and architectural drawings of state office buildings. One even contained copyrighted music files. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- Kansas sells computers with privacy information Henry Brown (Jun 20)