Saving a Humpback Whale

homunculus — Thu, 14 Jul 2011 16:01:07 -0800

Saving Valentina. A group of five friends out boating on the Sea of Cortez discovered a young humpback whale entangled in fishing net and possibly near death. After about an hour of hard work they were able to free the whale, who proceeded to put on an amazing show for her rescuers. [Via]

2010: The Year in Data Breaches

These Premises Are Alarmed — Tue, 28 Dec 2010 09:56:29 -0800

Wikileaks may have been the big news, but there were numerous other data breaches in 2010. The year started off with 'Aurora' - a coordinated attack against Google, Adobe, and others, which used vulnerabilities an Internet Explorer and Adobe Reader and Acrobat to steal intellectual property and attempt to access to the Gmail accounts of human rights activists. This attack brought the phrase "Advanced Persistent Threat" into the lexicon. Also, it supposedly got Google to switch all employees off Windows systems and take a more 'open' approach towards China. It wasn't just the big guys. Many, many small businesses were targeted, too. Specialized malware hit systems used for accounting and stole hundreds of thousands of dollars, often using "money mules" recruited through help-wanted ads. Health care companies also lost your info: a former Wellpoint employee was convicted of stealing health care providers' info to buy cell phones and forge checks. Wellpoint also notified up to 470,000 members that their personal health and financial information, including some social security numbers, were exposed after a botched website upgrade. Aetna threw out a file cabinet with the personal information of about 5,000 customers, Marsh and Mercer lost a backup tape being sent by courier with data for 121 patients and KPMG lost an unencrypted flash drive with 3,630 records. All in all "medical identity theft" struck 5.8% of US adults. Hotels, especially luxury brands, rose in prominence as targets of data thieves. Westin and Wyndham both acknowledged being hit. HEI, operator of Marriotts, Sheratons and Westins, sent letters to 3,400 customers stating their credit card numbers may have been compromised. AT&T and Apple got bad press for exposing the email address of everyone who bought an iPhone 4 in its early days, and disclosing[*] information on 114,000 3G iPad purchasers. Even an Energizer USB battery charger contained a backdoor that allowed remote access into the user's system. Malicious code spread through Twitter and a large email marketing firm had their database stolen. Banks remained a popular target. They did themselves no favors: it was reported up to 9,000 USB sticks are left in suit pockets at dry cleaners in London. A couple ID thieves were convicted of stealing names and account numbers at Wells Fargo, and Wells had more trouble with insider breaches. Hackers hit online check image archiving companies for $9 million. Can't get your bank on the phone? Maybe you're the victim of a telecom denial of service, where your phone system is overloaded to divert your bank trying to confirm a transaction. Governments lose data too: from UK Ministry of Defence down to state retirement boards. And, high school students still test their school's systems. Former NYC employees stole birth certificates and social security cards to sell. The Stuxnet worm supposedly was written by one government to target the operations of another. The Pentagon reported the "most serious" breach ever, caused by a flash drive inserted into a military laptop. Security remains hard to do right: the much-hyped Haystack program to allow dissidents free communication turned out to be snakeoil. Intel admitted the encryption key for Blu-Ray was disclosed, possibly having been brute-forced instead of leaked. A proprietary encryption key in car immobilizers was cracked. The BackTrack security testing Linux distro had their site compromised. [*] Link goes to Gawker, who had their own small data breach incident, too. Want to read more? My most frequent sources are The Office of Inadequate Security, the RISKS digest, and the great reporting of Brian Krebs.

MetaFilter posts tagged with breach

Literally?

Saving a Humpback Whale

2010: The Year in Data Breaches