|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: security curmudgeon (jericho
attrition.org)
Date: Fri Jul 20 2007 - 18:53:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.saic.com/response/qa.html
[..]
The information was for work being done in connection with TRICARE, the
health benefits program for the uniformed services, retirees and their
families. The server was not behind a firewall and did not contain
adequate password protections, which is in violation of SAIC policy. SAIC
stopped using this server when security concerns were raised.
[..]
---
So the information was on an FTP server, not protected by firewall, and
had inadequate passwords. Combine with that the fact they notified 580,000
people and this doesn't sound like the information "may" have been
compromised...
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tracking more than 214 million compromised records in 730 incidents over 7 years.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]