[Dataloss] Addt'l info on Ohio U 4+5

Dennis Opacki DOpacki at Covestic.com
Tue Jun 13 18:03:52 EDT 2006


Is it just me, or do disclaimers like, "there is no evidence that any of the information has been misused" provide little comfort? Other than PR spin, do they serve some underlying legal purpose?
 
-Dennis Opacki, CISSP QDSP
 Covestic, Inc.


________________________________

From: dataloss-bounces at attrition.org on behalf of Chris Walsh
Sent: Mon 6/12/2006 11:09 PM
To: dataloss at attrition.org
Subject: [Dataloss] Addt'l info on Ohio U 4+5



"
A breach was discovered on a computer that housed IRS 1099 forms for 2,480 vendors and independent contractors for calendar years 2004 and 2005. There is no evidence that any of the information has been misused.

Event 5: A breach was discovered on a computer that hosted a variety of Web-based forms, including some that processed on-line business transactions. Although this computer was not set up to store personal information, investigators did discover files that contained fragments of personal information, including Social Security numbers. The data is fragmentary and it is not certain if the compromised information can be traced to individuals. Also found on the computer were 12 credit card numbers that were used for event registration. There is no evidence that nay of the information has been misued.
"

Via http://www.ohio.edu/datasecurity/

Typos in the orginal.

_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/errata/dataloss/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20060613/98c59314/attachment.html 


More information about the Dataloss mailing list