Group items tagged

Two credit-card payment processors are offering to cover merchants' fines and penalties in the event of a data breach. However, the two companies, Heartland Payment Systems and Mercury Payment Systems, have different requirements that must be met before a merchant would qualify for coverage. For Mercury, the retailer would have to prove it was Payment Card Industry Data Security Standard-compliant (PCI DSS) at the time of a breach. "This is an enticement program to get merchants involved in PCI compliance," Jim Mackay, Mercury's vice president of marketing, told SCMagazineUS.com Friday. "Though there are critics who say that PCI does not go far enough, at least it's a step in the right direction."

An insider at the California Water Service Company in San Jose broke into the company's computer system and transferred $9 million into offshore bank accounts and fled the country. Abdirahman Ismail Abdi, 32, was an auditor for the water company, which delivers drinking water throughout the state and is located in San Jose, Calif. Abdi resigned from his position on April 27. Allegedly, that night he went back to work and made three wire transfers totaling more than $9 million from the company's accounts to an account in Qatar. Abdi was seen by a janitor on the night of the crime, according to the San Jose Mercury News, citing court documents filed Wednesday in the federal court at San Jose. The next morning, the water company discovered what had been done and worked with their bank to have the money returned to their account. The company notified police, who are currently investigating the case, Jose Garcia, public information officer at the San Jose Police Department, told SCMagazineUS.com on Friday.

Internal controls failure.

"By now, California is well-acquainted with Meg Whitman, Steve Poizner and Carly Fiorina - Silicon Valley's big-name candidates this election season. But a pair of relatively unknown tech alums, sitting lower on the ballot, are even more an indication of the political maturation of the valley, a place that has traditionally favored pushing policy from the sidelines instead of crafting and enforcing it in Sacramento."

Geek politicians who want to do for CA what they did for the tech industry. Government 2.0 or crash, reboot, crash...

"SACRAMENTO, Calif.-The state Assembly passed a bill Monday that would allow video recorders to be installed on vehicles' dashboards, raising concern about drivers' privacy. Currently, state law prohibits dashboard devices that may obstruct a driver's view. The bill is supported by companies that hire teams of drivers. They want to ensure their employees are driving safely and use the cameras to help determine fault in an accident. The bill's author, Assemblyman Nathan Fletcher, R-San Diego, says companies that use the recorders in other states have reduced their accident claims by 80 percent."

Will your car have to testify against you in court?

A typical lost or stolen laptop costs employers $49,246, mostly due to the value of the missing intellectual property or other sensitive data, according to an Intel-commissioned study made public Wednesday. "It is the information age, and employees are carrying more information on their laptops than ever before," according to an analysis done for Intel by the Michigan-based Ponemon Institute, which studies organizational data-management practices. "With each lost laptop there is the risk that sensitive data about customers, employees and business operations will end up in the wrong hands." The five-month study examined 138 laptop-loss cases suffered over a recent 12-month period by 29 organizations, mostly businesses but also a few government agencies. It said laptops frequently are lost or stolen at airports, conferences and in taxis, rental cars and hotels. About 80 percent of the typical cost - or a little more than $39,000 - was attributed to what the report called a data breach, which can involve everything from hard-to-replace company information to data on individuals. Companies then often incur major expenses to prevent others from misusing the data. Lost intellectual property added nearly $5,000 more to the average cost. The rest of the estimated expense was associated with such things as investigative costs, lost productivity and replacing the laptop. Larry Ponemon, the institute's chairman and Advertisement founder, said he came up with the cost figure based on his discussions with the employers who lost the laptops. When he later shared his findings with the companies and government agencies, he said, some of their executives expressed surprise at the size of the average loss. But he noted that one of the employers thought the amount could have been even higher.

LOS ANGELES-Fifteen hospital workers have been fired and another eight disciplined for looking at medical records of octuplet mother Nadya Suleman without permission, hospital officials said Monday. Kaiser Permanente reported the violations of health care privacy laws to the state and has warned employees at its Bellflower facility to keep away from Suleman's records unless they have a medical purpose, said hospital spokesman Jim Anderson. "Despite the notoriety of this case, to us this person is a patient who deserves the privacy that all our patients get," Anderson told The Associated Press. Anderson would not elaborate on how the other eight employees were reprimanded, saying only that the punishments were significant. A similar privacy breach at UCLA hospitals led to celebrities' medical information getting leaked to tabloids in recent years, including details of Farrah Fawcett's cancer treatment showing up in the National Enquirer. Anderson said Kaiser does not believe any of Suleman's information was shared with the media, based on the results of their inquiry. The 33-year-old single mother of 14 gave birth to her octuplets on Jan. 26 at Kaiser's hospital in Bellflower, about 17 miles southeast of Los Angeles. Her attorney Jeff Czech said Suleman does not plan to file a lawsuit, though he suspects Kaiser employees were looking for medical information on Suleman's sperm donor. He said the name is not listed on the Advertisement medical records. "She trusts Kaiser and they said they'd look into it," Czech said. "We feel that they're on top of it and are taking care of it." Anderson could not provide details about when Suleman's medical records were accessed and by what kind of hospital employee. He said Kaiser had warned its employees about patient confidentiality rules before Suleman checked into the hospital in December. "Even though no one knew she was there, they knew she was going to have a lot of babies," Anderson said. "The extra monitoring he

Hackers, possibly from Asia, have stolen about a decade's worth of personal information on current and former UC-Berkeley students, the university announced Friday. The breaches involved records dating to 1999 at the school's health center that included Social Security numbers, health insurance information, immunization history and the names of treating physicians. No other treatment-related records were stolen, the university said, although self-reported medical histories of students who studied abroad were hacked. The school on Friday sent e-mails and letters to 160,000 people, including about 3,400 Mills College students who used or were eligible for University of California-Berkeley medical services. About 97,000 people are most at risk because their names and Social Security numbers could be connected by the hackers, said Steve Lustig, the university's associate vice chancellor for health and human services. "What's been taken is bits of data that the thief might put together into an identity," he said. The university traced the hackers back to Asia, possibly China, but the exact origin could not be pinpointed. UC and FBI investigators are probing the breaches, which apparently occurred over several months. An FBI spokesman said the agency was informed of the hacking immediately, but declined to provide more information. The thefts were discovered about a month ago, but system administrators did Advertisement not realize the breadth of the attack until April 21. The hackers disguised their work as routine operations and then left taunting messages for UC-Berkeley employees, said Shelton Waggener, the university's associate vice chancellor for information technology. The thieves accessed the information through the university Web site, he said. "You should think of it as a public building," Waggener said. "They got into the building properly, but then they broke into secure areas." Administrators at Mills College, which contracts with UC-Berkeley for