Disclosure of data security breaches.ChoicePoint, a corporation that collects and compiles personal and financial information on millions of consumers, disclosed last February that it been the victim of a security breach. The company had sold personal information about almost 145,000 people to a con artist involved in an identity-theft scam (SCSI Configured AutoMatically) A subset of Plug and Play that allows SCSI IDs to be changed by software rather than by flipping switches or changing jumpers. Both the SCSI host adapter and peripheral must support SCAM. See SCSI. . At first, the company only disclosed the breach to California residents, as required by California's Notice of Security Breach law, enacted in 2002. However, ChoicePoint later disclosed that residents in other states, the District of Columbia District of Columbia, federal district (2000 pop. 572,059, a 5.7% decrease in population since the 1990 census), 69 sq mi (179 sq km), on the east bank of the Potomac River, coextensive with the city of Washington, D.C. (the capital of the United States). and three territories also may have been affected. Soon after the disclosures became public, Bank of America
Bank of America (NYSE: BAC TYO: 8648 ) is the largest commercial bank in the United States in terms of deposits, and the largest company of its kind in the world. disclosed that it had lost computer back-up tapes containing private data that were being transferred to another location on a commercial airline flight, and Seisint, a database company recently acquired by LexisNexis, was hit by hackers who were able to gain access to the personal information for as many as 32,000 people. The single largest security breach was discovered in May: CardSystems Solutions CardSystems Solutions is a credit card processing company. In June 2005, the fact that 40 million credit cards had been stolen from CardSystems was discovered. This led to the discoveries that CardSystems had been keeping data that it was contractually obligated to delete, and that , which processes credit card information for MasterCard and others, revealed that data on more than 40 million credit cards had been stolen after a hacker A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. gained access to the company's systems. In the weeks after these high profile incidents hit the news, 3S states introduced legislation requiring that companies or state agencies disclose to consumers security breaches involving personal information. At least 17 have already passed laws. Although other states' attorneys general demanded that CboicePoint notify consumers in all states involved in the breach, many state laws did not require it at the time of the ChoicePoint breach. The ChoicePoint data incident reportedly has led to at least 750 known cases of identity fraud. Without the disclosure requirements of the California law California Law consists of 29 codes, covering various subject areas, the State Constitution and Statutes. See also
STATES WITH SECURITY BREACH LAWS Arkansas, California, Connecticut, Delaware, Florida, Georgia, Illinois, Indiana (applies to state agencies only), Louisiana, Maine, Minnesota, Montana, Nevada, North Dakota North Dakota, state in the N central United States. It is bordered by Minnesota, across the Red River of the North (E), South Dakota (S), Montana (W), and the Canadian provinces of Saskatchewan and Manitoba (N). , Rhode Island Rhode Island, island, United States Rhode Island, island, 15 mi (24 km) long and 5 mi (8 km) wide, S R.I., at the entrance to Narragansett Bay. It is the largest island in the state, with steep cliffs and excellent beaches. , Tennessee, Texas and Washington. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion