Monday Morning News Kick Off: FCC Seeks Public Input for Cybersecurity, VA Posts Data Breach Reports Online and Much More

Welcome to the Monday Morning News Kick Off post from the ITAC blog. As always, we have compiled all the key cyber security, data breach and identity theft news you need at the start of the week. And, as always, be sure to come back through out the the week to check out our ever popular “Worst” and “Best” persons in identity theft.

Awareness about Cyber Security Needs to be Enhanced
A national survey conducted by Heart + Mind Strategies for the National Cyber Security Alliance, referred to as NCSA , and the Anti Phishing working Group, referred to as APWG, was conducted as part of a public-private messaging convention to increase awareness of cyber- security related messaging for the general public. According to the results released by NCSA, the majority of Americans felt that personal online actions contributed greatly to online safety. Almost 96 percent of those surveyed felt that exercising individual responsibility was an important factor for ensuring their personal online security, and 93 percent said that exercising individual responsibility was not only a key factor to ensure the safety of friends and family, but it also made the Web safer for everyone else. Read the full TMCNet article here.

FCC Charts ‘Cybersecurity Roadmap’ With Public’s Help
The Federal Communications Commission wants help in developing its plan for dealing with vulnerabilities of core Internet protocols and technologies, as well as online threats to consumers, businesses and government agencies. The FCC posted a public notice Aug. 9 requesting comments on the role the commission should play in cybersecurity programs. Those comments will be used as the commission develops its cybersecurity plan or “Cybersecurity Roadmap.” The road map was called for in the FCC’s overall plan to expand broadband access in the United States. That overall strategy, called the National Broadband Plan (NBP), was released by the commission in March. Read the full FCW blog post here.

Software Upgrade Leads to Student Info Leak
More than 20,000 South Florida college students were put at risk of identity theft. Broward College officials say a third party used to store students’ personal information leaked the information for almost a week. Now, the company responsible is telling students to be on alert. Broward College student Alaysia Harris is one of 24,000 students now finding out that their personal information could be in the wrong hands. “This morning my mom called me and let me know,” she said, so she immediately called her bank. In a letter, the College Center for Library Automation, based in Tallahassee, admits it leaked summer school students’ information over the Internet for five days. It happened during a software upgrade. Now students worried about identity theft. Read the full NBC Miami story here.

VA Posts Data Breach Reports Online
Once again showing that it’s serious about transparency, the Department of Veterans Affairs (VA) has begun posting reports about data breaches on its website. The monthly reports, which the agency compiles for Congress, list different ways the VA has lost data, such as through lost hardware or misdirected emails. For example, a report (PDF) from July 5 to Aug. 1 shows the agency lost two PCs, 13 BlackBerry devices and six laptops. It also reported 103 of so-called “mis-mailed” incidents, and 90 “mis-handling” incidents. All of the lost laptops were encrypted, according to the report. Read the full InformationWeek story here.

Paper Data Breach Hits Four Hospitals
Four community hospitals in Massachusetts and their associated pathology practices are investigating major breaches after tens of thousands of paper pathology records were found at a recycling station by a Boston Globe photographer who was dropping off his trash. The hospitals are Carney Hospital, Holyoke Medical Center, Milford Regional Medical Center and Milton Hospital. The records were dumped by the former owner of a billing company who sold the company around June 1, with the new owner retaining only records from 2010, according to the newspaper. The dumped records appear to be pathology reports from 2007 to early 2010, which include names, addresses, dates of birth, diagnoses, insurance policy numbers and Social Security numbers. Read the full Health Data Management article here.