Concerned parents may well advise their college kids to stay out of dark corners, lock their doors at night, and travel in groups. While these measures might help prevent college students from getting robbed in conventional ways, they cannot protect them from one of the worst kinds of theft imaginable: having their identities stolen and used to defraud others.
|Image Source: Romanian Hacker Arrested NASA Breach, Security News Daily|
Do a google search on NASA Data Breach, and you’ll get a few answers, but no mention of this one (per my search) that arrived in my mailbox recently:
This letter is to inform you about the unintentional loss of personally identifiable information that was submitted by you and your child as part of registration with NASA’s Texas High School Aerospace Scholars and Women in STEM High School Aerospace Scholars (WISH) projects.
An electronic copy of your information was stored on a flash drive by an employee of a NASA Johnson Space Center (JSC) grantee. On August 12, 2011, the flash drive was identified as missing after an aerospace scholar’s event at the NASA JSC Gilruth Facility. The personally identifiable information on the flash drive included only names, mailing addresses, e-mail addresses and students’ dates of birth. No other personally identifaible information was on the flash drive. No information is available about the current whereabouts of the flash drive but to date there is no evidence to suggest there has been any attempt to misuse you or your child’s personal information.
Because the flash drive included your child’s date of birth, as a precaution for you and your child, JSC has contracted with Identity Force to provide you (the adult/guardian) with three bureau credit report monitoring services and your minor/child with identity monitoring services for one year. These services will be provided to you free of charge to help protect you and your child’s identity.
|Source: SAIC web site...their solution may be proven but at least one employee was not.|
Update: This affected 4.9 million people!!!
This letter is to notify you of the loss of your personally identifiable and protected health information, and Science Applications International Corporations’s (SAIC) offer to you of free credit monitoring and restoration services for the period of one year.
SAIC is a government contractor supporting the TRICARE Management Activity (TMA). On September 14, 2011, a SAIC employee reported that computer backup tapes containing your information were stolen from his vehicle in San Antonio, Texas. Backing up your information to these tapes and transporting them for storage in a remote location is a routine procedure to save important data and is a specific contract requirement for SAIC. Upon discovery of the theft, we promptly notified law enforcement and designated government agencies.
The information contained on the tapes may include names, Social Security Numbers, addresses, dates of birth, phone numbers, appointment information, diagnoses, treatment information, laboratory tests, radiology results, prescriptions, provider names, provider location and other patient data, but does not include any financial data, such as credit card or bank account information.
The chance that your information could be obtained from these tapes is low since accessing, viewing and using the data requires specific hardware and software. We engaged law enforcement to attempt to recover the stolen backup tapes.
At this time, we have no evidence to indicate the data on the backup tapes has been accessed, viewed or used by others in any way. However, we know how concerned you may be and to assist you, SAIC is providing you with a free, one-year membership in Kroll Inc’s ID TheftSmart service.
|This blog entry was mentioned at the Military Medical Digest – http://www.tricare/mil/eenews|
Also, in the highlighted section of SAIC’s letter, you’ll notice that their disaster recovery approach involves physically transporting tapes. Those tapes should NOT be moved unless encrypted. Better yet, why not take advantage of Secure FTP to transfer files from one server to another?
Enter your email address:
Delivered by FeedBurner