Cyber Security Institute
§ Current Worries
Top 3 Worries
- Regulations
- Old Firewall Configurations
- Security Awareness
§ Listening
For the best information
- The underground
- Audible
- Executive Excellence
- Music (to keep me sane)
§ Watching
For early warnings
- 150 Security Websites
- AP Newsfeeds
- Vendors
Saturday, February 25, 2006
Another security breach reported
Following on the heels of an embarrassing security lapse by McAfee and its accounting firm Deloitte & Touche, financial giant Ernst & Young acknowledged Friday that it, too, had lost sensitive data that could be exploited by identity thieves. In a letter dated Feb. 13, Ernst & Young warned clients that their Social Security numbers were on a laptop that was stolen from an employee’s locked car. Santa Clara antivirus softwaremaker McAfee warned 9,000 current and former employees in a letter dated Feb. 17 that a compact disc containing their names and Social Security numbers was lost.
Consumer advocate Beth Givens ruefully chuckled at the idea that companies that specialize in security and keeping track of important information would commit such gaffes. “It just points out how pervasive these security breaches are,” said Givens, director of the San Diego nonprofit Privacy Rights Clearinghouse.
Deloitte made the CD in order to back up a McAfee database of employee stock holdings, according to the letter. MacDermott said McAfee did not have a policy requiring its auditor to encrypt the data.