California agency suffers second major data breach in six months

[security curmudgeon <jericho () attrition org>]

http://www.infosecurity-us.com/view/18953/california-agency-suffers-second-major-data-breach-in-six-months/

California agency suffers second major data breach in six months
27 June 2011

The California Department of Public Health (CDPH) has experienced its 
second major data breach in six months, this one affecting 9,000 current 
and former state employees.

The CDPH said that personal information on 9,000 employees was .improperly 
copied to a private hard drive and removed from state offices.. The data 
breach was discovered April 5 but the announcement was not made until June 
24. The department explained that it conducted an investigation into the 
data breach and discovered that an employee had removed the information 
without authorization. It did not offer an explanation about why it took 
two and half months to complete the investigation.

In December last year, the CDPH admitted that a unencrypted magnetic tape 
containing sensitive personal and medical information on up to 2,550 
facility residents, employees, and health care workers was lost in the 
mail.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/