David Meyer from ZDNet reports that Zurich Insurance was hit with a $3.5m fine by the Financial Services Authority (FSA) in the UK for failing to secure customer data. This comes from an incident when a data tape went missing in transit between processing centers. There was no evidence the data on the tape had been used or exposed, but the lack of process and policy was enough to cause the FSA and step in.
The FSA noted in their statement that:
As there were no proper reporting lines in place Zurich UK did not learn of the incident until a year later
An effective breach of the UK Data Protection Act according to the Information Commissioners Office (ICO).
I’ll be speaking on Data Protection and Privacy law at the Houston Community Group meeting, amongst other speakers such as Martin Littmann, Director of IT Systems Kelsey-Seybold, and John Schoweiler, Director of Security Opps, US Oncology. If you’d like to attend please contact your McAfee account manager for registration details.
No, I’m not talking about weddings or the like, Celebrations is a rather beautiful boat that sails around Lake Washington. McAfee have booked her out for a private tour. Attendance is by registration only, but if you think you might like to come you should approach your McAfee account manager.
For those who follow me around, I’ll be speaking at “The Security Standard” on September 13th 2010. It’s only a short spot but I’ll be introducing some new information about McAfee’s unified DLP solution, and talking briefly about data protection regulations.
Following on from a failed state-wide “hack” of the Blackberry system, where the state-controlled telco etisalat tried to distribute a “performance enhancing patch” to Blackberry users (which turned out to be a state-controlled back door program), The United Arab Emirates is threatening to block e-mail sending and IM delivery on Blackberries, and Saudi Arabia is threatening to block Blackberry-to-Blackberry IM.
According to BBC News:
Both nations are unhappy that they are unable to monitor such communications via the handsets. This is because the Blackberry handsets automatically send the encrypted data to computer servers outside the two countries.