At a rate of three new breaches a day in 2018, the selling of Personal Identifiable Information (PII) is a growing and lucrative marketplace. Every week new underground storefronts pop up on the dark web ready to facilitate the sale of stolen PII, including names, birthdates, Social Security numbers, credit card and banking information, and even voter records. For an unbelievably small investment, cybercriminals can walk off with valuable personal…
In December of last year, the Oklahoma Securities Commission learned that millions of sensitive files were left publicly exposed on one of their storage servers. Covering a broad sweep of disparate areas, the problem was fixed a day later, but not before thousands of email backups and images were left unprotected. Some of these files were long forgotten, dating back to 1986, and included highly sensitive life insurance information on…
What is Sensitive Data Classification? Sensitive data can be a number of things. The easiest way to think about it is to think of personal data you would not want to be shared with just anyone. There are several common pieces of sensitive data: Financial information – credit card numbers, bank account information, and social security numbers. Government information – any document that is classified as secret or top-secret, restricted,…
Healthcare Data Security – Data Loss Prevention In the healthcare industry, there is a ton of personal information stored – making healthcare cybersecurity vital. From medical charts and records, prescription and health insurance information, social security numbers, to payment details. Working in healthcare organizations like a doctor’s office, pharmacy, insurance company, or a hospital ensuring the safety of patient data is crucial. Breaches in the healthcare industry are occurring more…
Valley Hope Association’s mission is to help people overcome their dependence on alcohol and drugs. At their 16 addiction treatment centers, therapists and staff focus on helping people remove the triggers that drive their addictions in a safe and secure environment. But like so many non-profits, Valley Hope’s good intentions for protecting their patients weren’t enough to prevent hackers from exploiting their IT security weakness. Last week, 70,000 Valley Hope…
With all the focus on compliance requirements—PII, PCI-DSS, HIPAA, GDPR, and a plethora of other regulations—one of your company’s most important assets may be getting overlooked when it comes to data security: your intellectual property (IP). Accounting for more than 80% of market value, IP is one of your most important assets. It’s time you take the steps to protect this precious commodity. Step 1. Identify Copyrights and trademarks are…
[Scott Giordano] Appeared in Information Management With all of the attention now being paid to data privacy, many Americans are wondering who’s looking out for their personal information online and many organizations are seeking clarity around meeting compliance regulations and preparing for future changes. To help answer those questions, Information Management spoke with data privacy expert Scott Giordano for his advice on how companies and brands should be approaching data…
France, the country known for great wine and good food, can now also be known for something else, heavy GDPR fines. Recently, France’s National Data Protection commission imposed a $57 Million (50 million euros) fine on Google for violating the GDPR regulations based on Google’s apparent inadequate privacy and data collection practices. The commission stated, “The amount decided, and the publicity of the fine is justified by the severity of…
Smaller Data Footprints Lead to Trusted Reputations The well-supported adage is that it takes years to get a loyal customer and only seconds to lose them. One of the biggest mistakes you can make is putting your customers’ personal information at risk. A recent survey conducted by Ping Identity reveals many consumers are making drastic changes to the ways they interact with companies and secure their own personal data following…
State authorities of our most northern state, Alaska, just updated their initial notification from an estimate of only 501 individuals having their health department data breached to 700,000! This brings up two timely questions: 1. How could this have happened to our most sacred HIPAA data? 2. How could they call themselves authorities? Per a statement released by CynergisTek, “Alaska DHSS has a history of playing fast and loose with…