BreachExchange mailing list archives
Unencrypted thumb drive causes breach at VA
From: security curmudgeon <jericho () attrition org>
Date: Fri, 19 Nov 2010 00:51:31 -0600 (CST)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://fcw.com/articles/2010/11/18/data-breach-va-veterans.aspx By Alice Lipowicz FCW.com Nov 18, 2010 Two recent privacy breaches at the Veterans Affairs Department involved employees who disregarded information security protocols they were trained to follow, said Roger Baker, assistant secretary for information and technology at VA. One incident involved an employee who plugged a personal unencrypted thumb drive into his computer at work and used it to inappropriately store Social Security numbers and other personal data for 240 veterans. The thumb drive was then lost inside a VA facility, found by a VA security guard, taken home by the guard and finally returned to VA officials, who declared the events a security breach. In the other incident, a VA employee printed out Social Security numbers and other personal information on 180 veterans and took the papers home, where he typed the information into a Microsoft Word file on his home computer. When he tried to send the file to his work account via e-mail, VA's system flagged the message, resulting in discovery of the breach. [...] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Unencrypted thumb drive causes breach at VA security curmudgeon (Nov 22)