BreachExchange mailing list archives
Premera hack: Another sign that data in the U.S. is under attack
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 18 Mar 2015 19:33:52 -0600
http://www.networkworld.com/article/2899073/security0/premera-hack-another-sign-that-data-in-the-u-s-is-under-attack.html Yes, it's happened again—an emormous breach of healthcare data. Eleven million users of Premera Blue Cross insurance will likely get free credit monitoring for a year, as this were somehow recompense for bad security, inept IT, bad asset management, and insulting the dignity of their clientele. And this is not the end. It should be considered that most insurance companies, if not all, are under attack. It's also likely that financial institutions, major retailers, and especially the U.S. government are as well. Have we any shouts from the White House or Congress that we're under attack and need to deploy (data) troops? No. They sit and twiddle their thumbs in budgetary brinkmanship, paying off campaign contributors by allowing foreign heads of state to thwart constitutionally endowed foreign policy, and so forth. It's your data and my data, folks. Cloud-based or locked away in an ostensibly protected data vault, it's ripe for the picking. Whether Anthem, Premera, Target, TJ Maxx, ad infinitum, we're getting hacked, while we're spending money on fake cellphone towers to monitor cellphone conversations and location-based data. Where is the hue and cry? How much data assets do people have to lose before strong and visible action is taken? Should they ALL be flushed away, along with our dignity and our personas? The mind reels. Even when healthcare data is used legally, we have no standards, and privacy standards are largely an oxymoron. Add the legal use/misuse, the stolen data, and the future doesn't look very bright. Worse: don't expect government intervention to do much. They're busy arguing about the rantings of obscure orthodoxy and campaign contributors.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Premera hack: Another sign that data in the U.S. is under attack Audrey McNeil (Mar 27)