From: InfoSec News (alertsinfosecnews.org)
Date: Thu Dec 23 2010 - 03:12:56 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.nextgov.com/nextgov/ng_20101222_6852.php

By Bob Brewin
Nextgov
12/22/2010

Computer savvy Veterans Affairs Department employees have started to use
Internet-based services and tools that the VA does not provide on its
systems, presenting a security challenge, according to its chief
information officer. It's also a clarion call for the department to
adopt these applications, CIO Roger Baker said on Wednesday during a
media call about VA's monthly data breach report to Congress.

The November report revealed that employees in the Chicago VA hospital
maintained a calendar on the Yahoo.com website that listed more than
1,000 patients.

This schedule included patients' names, surgery dates, types of
procedures and the last four digits of their Social Security numbers. An
investigation revealed the facility's orthopedics department had used
the Yahoo.com site since July 2007, according to the data breach report.

The investigation determined that four orthopedic residents shared the
same Yahoo.com account and password to access the data, and in past
years a rotating series of residents had access to that account.

[...]

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]