Data Encryption: Phoenix Ireland/Scottish Provident Ireland Loses Backup Tape (Updated 26 May 2011).

Phoenix Ireland — previously known as Scottish Provident Ireland — has alerted 50,000 62,000 clients (mostly former clients) that their personal information was saved to a backup data tape, now missing.  In breach of their data security policies, the information was not protected with cryptographic solutions like AlertBoot endpoint encryption. It’s Missing…Maybe In one of […] read more

Laptop Encryption Software: 133,000 Affected By OSDH Computer Theft.

The Oklahoma State Department of Health (OSDH) is notifying people about the theft of a laptop computer.  It has not revealed whether the missing laptop was protected with drive encryption software, a cryptographic tool that would have prevented the need to send over 133,000 breach notification letters. Car Break-In The laptop computer and other items […] read more

Data Encryption: Email Addresses Are PII, Personally Identifiable Information, According To Decade-Old Cases.

Conflicting emotions run though me whenever I read about data breaches that only involve names and e-mail addresses.  On the one hand, it doesn’t seem like a particularly egregious breach: the information doesn’t appear to be any more personal than your phone number in the local telephone directory.  On the other, it can be used […] read more

Data Security: Epsilon Breach Commentary.

I just thought I’d comment on a new development I ran across the Epsilon data breach.  According to databreaches.net, people are e-mailing the site regarding Epsilon’s claim that only email addresses and/or names were breached.  Epsilon is adamant, after inquiries were sent by databreaches.net, that “the ONLY information that was comprised was email address and/or […] read more

Disk Encryption: Texas Education Agency Thinks More Student IDs At Risk After Laredo.

Late last March, news broke out on how nearly 25,000 Laredo District students had suffered a data breach when a CD was shipped out to the Texas Education Agency (TEA) via mail.  That wasn’t the end of the situation: it turns out more districts had done the same in participation with a UT-Dallas research program.  […] read more

Data Security: Is France Really Requiring Passwords To Be Saved In Plaintext? Hashes Not Allowed?.

Slashdot.org has an article titled “France Outlaws Hashed Passwords” followed by “”Storing passwords as hashes instead of plain text is now illegal in France, according to a draconian new data retention law.”  It looks like someone might have jumped the gun: according to French speakers on the site, the law does nothing of the sort.  […] read more

Data Encryption: Keeping Your Cars Less Safe.

I ran across an interesting article over at io9.com.  The argument is that cars today are less secure than before due to the use of data encryption.  The funny thing?  The argument is pretty sound. Radko Soucek: Car Thief If you have 5 minutes to spare (or 10 minutes, if you multi-task), I’d highly recommend […] read more

Drive Encryption Software: Applied Micro Circuits Notifies Employees Of Stolen Laptop.

Applied Micro Circuits Corporation (APM) is sending data breach notification letters to current and past employees, informing them that a company laptop was stolen.  Multiple levels of password protection were used, but data encryption like AlertBoot, which is really what matters when it comes to information security, was not used. Password-Protected According to a copy […] read more

Computer Hard Drive Encryption: How Not To Notify 94K People About Data Breach (MidState Medical Center).

Computer hard drive encryption is not a difficult process to execute — at least not with programs like AlertBoot, which is designed for rapid and easy deployments within organizations.  Still, many organizations fail to use encryption, as MidState Medical Center recently revealed. 93,500 Patients Alerted To Breach MidState Medical Center has recently started sending breach […] read more