Now Available:

line

Featured Resources:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Rebecca.

« Email retention...is it easier to delete important information and pay fines than it is to figure out how to control the content people put within email messages? | Main | Consider carefully what law or regulation you use to sue someone when a privacy breach occurs... »

When a Virus Bot Becomes a Privacy Breach

I found it very interesting that one of my alma maters, the University of Northern Iowa, reported potential identity theft because, from what the news reported, a "virus" was discovered on one of their laptops containing personal information about 6,000 of theier employees.  When discussing privacy breaches it seems that there is a very wide range of definitions for what constitutes a privacy breach.  This is the first time I've seen a virus infecting a laptop being considered a privacy breach.  Perhaps there is something I'm missing...so I checked other sources.  The Des Moines NBC television station reported that the laptop computer was "illegally accessed."  The ABC affiliate in Cedar Falls reported even fewer details.  Radio Iowa reported a few more details, indicating "...a fire in November in the Cedar Falls school's business building contributed to the breach in computer security...the laptop computer was purchased the day before the fire and since the fire, the business office has been moved twice..."  It also indicated a "bot" was discovered on the computer, which is why they reported the incident as a privacy breach.  It would be interesting to do a little digging to see types of information these bots have already collected, and what the potential is for them.

Technorati Tags


 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Rebecca Herold on February 18, 2006 8:36 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-itcompliance.com/type/mt-tb.cgi/9

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Rebecca Herold's Bio:

Rebecca Herold,CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for over 18 years. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca their list of the 25 top privacy experts and on their list of the 9 best privacy consulting firms. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books, dozens of articles, and has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 11th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.