[Dataloss] Hospital laptop walks away during disaster drill, patient data back to 2000 does, too
blitz
blitz at strikenet.kicks-ass.net
Sat Aug 5 18:12:26 EDT 2006
Its a simple matter as you know, to remove the drive, Norton ghost it
to another, and then the laptop could be returned, alleviating fears
of the data loss.
Even more insidious, is they could just report it's been recovered.
Then the culprits (assuming the data is their target) can have all
the time they want to use the data for whatever purposes.
At 11:38 8/5/2006, you wrote:
>Chris Walsh wrote:
> > According to the letter, a copy of which was obtained by the Journal,
> > the computer was password protected and there is "no evidence that
> > the hard drive has been inappropriately accessed.''
>
>It takes about 3 minutes to change the Administrator password (10 if
>it's your first time) using a common tool found on the Internet if you
>have physical access to the Windows PC. And without possession of the
>laptop, how can they state that the hard drive has not been accessed in
>any fashion, appropriate or inappropriate?
>
>George Toft, CISSP, MSIS
>My IT Department
>www.myITaz.com
>480-544-1067
>
>Confidential data protection experts for the financial industry.
>
>
>_______________________________________________
>Dataloss Mailing List (dataloss at attrition.org)
>http://attrition.org/errata/dataloss/
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20060805/e991ffcd/attachment.html
More information about the Dataloss
mailing list