Category: Compliance

What Every Database Administrator Should Know About Security

[The following is excerpted from "What Every Database Administrator Should Know About Security," a new report posted this week on Dark Reading's Database Security Tech Center.] To say that there is friction between security professionals and database administrators (DBAs) is putting it mildly. Database administrators are both the caretakers of database platforms and the managers of data. Very seldom are they also security experts. In many enterprises, the DBA and the security team find themselves at odds because the DBA is…

Click for complete article >>

De-FUD-ing Privileged User Management

I am proud to write this column for Dark Reading. The biggest reason is I get to share two decades of stuff I’ve seen with databases and security with you, and it starts really good conversations every time I attend security conferences and meet readers face-to-face. I can share perspective, help clarify issues around database threats, and explain the pros and cons of database security products. On occasion, I even get to call BS on things I believe only confuse DBAs and…

Click for complete article >>

Top Data Breaches (That I Know About) Of 2012

Team Shatter Exclusive


As 2012 is coming to a close, it’s a good time to take a look back at some of the biggest and most interesting data breaches over the past year, to see how these attacks occurred, and how each organization was affected by the hack. The breaches from 2012 run the gamut, ranging from retail to government and from insurance companies to internet moguls. During 2012, we probably saw some of the most sophisticated and complex malware ever with Flame…

Click for complete article >>

Small Physician Offices Are Primary Source Of Health Care Related Data Breaches

Posted December 5, 2012 by TeamSHATTER Admin in Data Breach, Database Security, Health Care, HIPAA with 0 comments

Small physician practices, much like their small commercial business counterparts, have been the primary source of health care related data breaches, according to an analysis of breaches from 2009 to October 2012 released today by the Health Information Trust Alliance (HITRUST). These smaller medical offices, usually well under 100 employees, lack the IT or information security resources to adequately deal with a wide array of cybercriminals eyeing electronic health records and personal information that has considerable value in the black…

Click for complete article >>

Chilling Database Security Horror Stories That Show How Scary Exploits Can Be

Posted October 26, 2012 by TeamSHATTER Admin in Attack Vectors, Data Breach, Database Security, FISMA with 0 comments

Database security may not be quite as sexy as a teenage party in a classic horror film. But when it’s done wrong, technology executives, CEOs, and customers alike would shiver at the consequences. Don’t think so? Then read just a few of the horror stories laid out by some of the grizzled penetration tester vets we quizzed here. Their exploits show how scary bad database security can really be.

Click for complete article >>

Global Payments Pays Another $55 To $65 Million For March 2012 Data Breach

Posted October 2, 2012 by TeamSHATTER Admin in Breach Costs, Data Breach, Database Security, Finance and Banking, PCI with 0 comments

Atlanta-based payment processor Global Payments expects to take a hit of another $55 to $65 million related to a data breach it sustained earlier this year. The incident, revealed in March, involved the exposure of 1.5 million credit and debit card numbers to hackers. Already, the company has announced the breach cost $84.4 million.

Click for complete article >>

Massachusetts Eye And Ear Associates Inc. To Pay $1.5 Million For Potential Violations Of The HIPAA Security Rule

Posted September 18, 2012 by TeamSHATTER Admin in Data Breach, Database Security, Fines and Penalties, Health Care, HIPAA with 0 comments

Another HIPAA data breach settlement has been reached, this time with the Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates Inc. (MEEI), which will pay $1.5 million to the Department of Health and Human Services (HHS) for potential violations of the HIPAA Security Rule. HHS officials announced Monday that the settlement also requires MEEI to take corrective action to improve policies and procedures to safeguard the privacy and security of its patients’ protected health information.

Click for complete article >>

University Of Miami Hospital Suffers Data Breach, Fires Two Suspected Employees

Posted September 14, 2012 by TeamSHATTER Admin in Data Breach, Database Security, Health Care, HIPAA with 0 comments

The University of Miami Hospital has fired two employees suspected of stealing and possibly selling the personally identifiable information (PII) of patients. The health system announced the breach last week — the second to occur there this year — and began notifying those affected. A website detailing the incident also was set up.

Click for complete article >>

U.S. Environmental Protection Agency Scolded For Poor Security Practices

Posted August 24, 2012 by TeamSHATTER Admin in Data Breach, Database Security, FISMA, Government (Federal) with 0 comments

The U.S. Environmental Protection Agency (EPA) needs to clean up its security act, according to the investigative arm of Congress. In a report released this week, the federal Government Accountability Office (GAO) found that the department charged with protecting human health and the environment is falling short at protecting its systems from unauthorized access.

Click for complete article >>

‘Wall Of Shame’ Shows 21 Million Data Breaches In Healthcare

Posted August 8, 2012 by TeamSHATTER Admin in Data Breach, Database Security, Health Care, HIPAA with 0 comments

Over the past three years, about 21 million patients have had their medical records exposed in data security breaches that were big enough to require they be reported to the federal government. Since Sept. 2009, 477 breaches affecting 500 people or more each have been reported to the Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services. In total, the health records of 20,970,222 people have been compromised, the OCR said. The Office for Civil…

Click for complete article >>