Laptop Encryption Software: AW Hastings Data Breach Via ADP.

Automatic Data Processing, Inc (APD) filed a breach notification letter with the New Hampshire Attorney General’s office.  According to the letter, a laptop was stolen from an ADP employee.  The device was protected, possibly with disk encryption software (such as AlertBoot).  However, it looks like encryption software may have failed the company in this case. […] read more

Solicitorsfromhell.co.uk Breaches UK Data Protection Act: Information Needs To Be Accurate.

The High Court of Justice in the UK has ruled that solicitorsfromhell.co.uk (“SFH”), has breached the Data Protection Act (DPA).  It’s a reminder that the DPA is not just about protecting data. Just because many publicized DPA breaches are a result of not using data protection tools such as drive encryption software like AlertBoot doesn’t mean […] read more

Disk Encryption Software: 1.4M Cattles Group Customers Affected By Breach.

Approximately 1.4 million customer of the Cattles Group — owners of the Welcome Finance loan firm in the UK (whose website currently has a message stating that “Welcome Finance is no longer taking applications for new loans”) — are being notified of a data breach.  Two “backup discs” which haven’t been protected with data encryption […] read more

Reminder: California Breach Notification Law Amended, Beginning 2012, AG Must Be Notified.

A timely reminder for the new year: Beginning on January 1, 2012, any businesses that have a data breach must alert the California Attorney General’s office if more than 500 Californians are affected.  I’m pretty sure that this does not extend to any sensitive information that was protected with adequate data protection tools, like AlertBoot’s […] read more

Data Encryption: Stratfor Stored Credit Cards In Plain Text.

The Office of Inadequate Security (databreaches.net) has been following the Anonymous hack of Stratfor.com very closely.  Of course, this is the hack where data encryption software was not used to protect credit card numbers, which were in return used to make “charitable” donations. Dissent, the administrator behind databreaches.net, has raised a number of pertinent questions […] read more

Medical Data Security: Will 2012 Finally See the Final Rule To HITECH?.

The Senate Judiciary Subcommittee on Privacy, Technology, and Law recently asked a number of questions to the Department of Health and Human Services (HHS) and the Department of Justice (DOJ): What’s holding back the Final Rule to the HITECH Act amendment to HIPAA? Why is enforcement of current medical privacy laws so lackadaisical? While the […] read more

Data Encryption Software: Using Your Bum As A Password?.

Researchers at the Advanced Institute of Industrial Technology in Tokyo have developed a new way to identify people: using 360 sensors arranged and embedded into a seat to measure the pressure profile of a person when they sit down.  The system has 98% accurate identification rate in the lab.  Besides the obvious application of using […] read more

Encryption and Traveling: EFF’s Tips Regarding Data Security And Cross-Border Travel.

The Electronic Frontier Foundation (EFF) has published a timely article for the holidays: “Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices”.  In it, you’ll find a number of recommendations and explanations regarding travel from and to the US, including: Why and how the US government searches devices What issues to […] read more

HIPAA Wall Of Shame: More Than Meets The Eye.

Color me surprised: the number of breaches at the Department of Health and Human Services website is understated, possibly on a massive scale.  This is according to an article at modernhealthcare.com.  As many know, the Data Breach Rule under the HITECH Act mandates the notification of data breaches to patients when PHI is lost or […] read more