[ISN] Unencrypted thumb drive causes breach at VA

From: InfoSec News <alerts_at_private>
Date: Fri, 19 Nov 2010 00:26:34 -0600 (CST)

By Alice Lipowicz
Nov 18, 2010

Two recent privacy breaches at the Veterans Affairs Department involved 
employees who disregarded information security protocols they were 
trained to follow, said Roger Baker, assistant secretary for information 
and technology at VA.

One incident involved an employee who plugged a personal unencrypted 
thumb drive into his computer at work and used it to inappropriately 
store Social Security numbers and other personal data for 240 veterans. 
The thumb drive was then lost inside a VA facility, found by a VA 
security guard, taken home by the guard and finally returned to VA 
officials, who declared the events a security breach.

In the other incident, a VA employee printed out Social Security numbers 
and other personal information on 180 veterans and took the papers home, 
where he typed the information into a Microsoft Word file on his home 
computer. When he tried to send the file to his work account via e-mail, 
VA's system flagged the message, resulting in discovery of the breach.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Thu Nov 18 2010 - 22:26:34 PST

This archive was generated by hypermail 2.2.0 : Thu Nov 18 2010 - 22:38:48 PST