Domain: datalossdb.org
Stories and comments across the archive that link to datalossdb.org.
Comments · 12
-
Re:breach database?
I'm not sure what you're looking at. Its latest report is January 13, 2012.
I was looking the June 2011 thru Jan 2012 reports on this page and the date of the latest post on the front page.
-
Re:breach database?
-
Re:breach database?
I'm not sure what you're looking at. Its latest report is January 13, 2012.
http://datalossdb.org/index/latest
True, it doesn't mention Zappos yet.
-
Re:breach database?
-
Re:Very hard to encrypt a backup tape?
When was the last time we read a story, "Iron Mountain lost backup tapes uber confidential data."??
Based on a quick search, at least as recently as 2009. And then 2008 before that. And 2007, 2006, and 2005 (twice) before that.
http://datalossdb.org/organizations/128-iron-mountain
We use Iron Mountain and they're generally good (and the local warehouse is only a couple of miles away), but it's still a good idea to encrypt any tape that leaves the facility, whether or not it contains personal data. A system backup could provide information useful to someone who wants to gain access to a network, among other things.
-
Re:Exaggeration
You assume that a network or "cyber" attack is negligible compared to a real military attack. What about when those attacks steal or reveal sensitive military information, compromise troop movements, or even better silently alter or changes plans? Or how about if malicious software were to cripple a nations infrastructure such as power and water? Or steal the information regarding the whereabouts of critical personnel in military branches? What if a nation were to conduct economic warfare, such as targeted pump and dump spam or hack into a nations banks and continually reveal customer information. A state player with large resources might be able to create a Heartland type data breach many times over, that could cause some serious chaos.
Malware like stuxnet could easily bring a nation to its knees if it was properly applied. The best thing we can do is to have a little foresight with regard to the true threat events like these pose especially where state actors are concerned.
Besides Schnier is one of the most level headed security people around.
http://online.wsj.com/article/SB124027491029837401.html - DoD plans for jet fight stolen
http://www.theregister.co.uk/2008/03/06/pentagon_breach_assessment/ - Pentagon breached
http://datalossdb.org/incidents/2478 - Records of 40,000 plus army personnel stolen -
Re:Oh no!
Oh no! This is nothing like fact-based reporting, either.
Look at the graph on the banner of OSF Dataloss. That banner, right across the top, shows the number of reported incidents, month by month, since Feb 2007. The 2007 average seems to be in the mid-40s. The 2008 average seems to be about 60 per month. The 2009 bar graph is steadily sloping downwards, starting from a high of 61 incidents in Feburary dropping down steadily to 23 last month and 16 this month.
To be a bit more factual, you can visit the statistics. That shows the progression from 2005-2009 looking like this:
2005 140
2006 530
2007 484
2008 703
2009 331Nothing in the statistics even remotely seems as bad as last year, and this year's pace seems to be trending towards even fewer breaches than 2006's level.
I call shenanigans on this report!
-
Re:Oh no!
Oh no! This is nothing like fact-based reporting, either.
Look at the graph on the banner of OSF Dataloss. That banner, right across the top, shows the number of reported incidents, month by month, since Feb 2007. The 2007 average seems to be in the mid-40s. The 2008 average seems to be about 60 per month. The 2009 bar graph is steadily sloping downwards, starting from a high of 61 incidents in Feburary dropping down steadily to 23 last month and 16 this month.
To be a bit more factual, you can visit the statistics. That shows the progression from 2005-2009 looking like this:
2005 140
2006 530
2007 484
2008 703
2009 331Nothing in the statistics even remotely seems as bad as last year, and this year's pace seems to be trending towards even fewer breaches than 2006's level.
I call shenanigans on this report!
-
Re:Ferengi
unfortunately governments care even less about your privacy than the corporate Ferengi do.
This is very true.
US Law requires businesses to collect your SSN (as an employee and in some financial cases, customer), many government agencies also use your SSN for identification, this has actually created a mini-market for stolen SSN's (last I heard, they were selling for around $20.00 each)
Think about what a tempting target this could be for someone earning a meager wage at one of these companies. (and with all the phishing going on.. an employee.. or even scummy business owner could EASILY get away with it)
This information is lost or stolen on an almost daily basis:
http://datalossdb.orgThe way to protect your privacy is (duh) don't give this information to anyone! but, laws actually require you to fork it over to them.
One would hope that most businesses would just as soon not have to deal with this powder keg, yet the law forces them to collect it.
In effect, our government is the problem. Moreover, I find it strange how politicians don't seem to care (there are, afterall, a large contingent of people who are upset about this)
If the republicans could re-invent themselves as a party that believes in privacy (har, har) they'd EASILY gain control again. (but they won't do it..)
-
Re:Hard Drive Encryption - Theory vs. Reality
-
Re:Dive For Them?
Just follow the RSS feed -- you'll find 2 new breaches every day or more! How is that not fun?!
-
DataLossDB
I'm going to file my bug reports here instead.