Fallon: stolen computer had members' information

Fallon: stolen computer had members' information
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.telecom  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Fallon: stolen computer had members' information Monty Solomon 01-26-2008
Posted by Monty Solomon on January 26, 2008, 9:40 am
If you were  Registered and logged in, you could reply and use other advanced thread options


http://www.boston.com/business/ticker/2008/01/fallon_stolen_c.html

Fallon: stolen computer had members' information
January 24, 2008 05:43 PM

Fallon Community Health Plan said a laptop computer was stolen
containing personal information for all the members of its Fallon
Senior Medicare Advantage and Summit ElderCare plans. The computer
contained claims data for about 30,000 people, or about 15 percent of
Fallon's overall membership.

The insurer said the computer belonged to a third-party vendor in
Boston, which it declined to identify, and was stolen from that
firm's offices.

Fallon is offering free credit monitoring -- which would alert
members or their families to any unusual activity in their financial
accounts -- to anyone whose personal information was stolen. Chief
executive Eric H. Schultz said Fallon is working with law enforcement
officials to recover the computer.

(By Jeffrey Krasner, Globe staff)


Pure Networks
Posted by mc on January 27, 2008, 5:35 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

>
>
> http://www.boston.com/business/ticker/2008/01/fallon_stolen_c.html
>
> Fallon: stolen computer had members' information
> January 24, 2008 05:43 PM
>
> Fallon Community Health Plan said a laptop computer was stolen
> containing personal information for all the members of its Fallon
> Senior Medicare Advantage and Summit ElderCare plans. The computer
> contained claims data for about 30,000 people, or about 15 percent of
> Fallon's overall membership.
[Moderator Snip]

*Sigh* Why do people put these databases on laptops in the first place?
For what possible purpose? Shouldn't that kind of data be on a server?


Posted by T on January 28, 2008, 11:17 am
If you were  Registered and logged in, you could reply and use other advanced thread options
look@www.ai.uga.edu.for.address says...
>
> >
> >
> > http://www.boston.com/business/ticker/2008/01/fallon_stolen_c.html
> >
> > Fallon: stolen computer had members' information
> > January 24, 2008 05:43 PM
> >
> > Fallon Community Health Plan said a laptop computer was stolen
> > containing personal information for all the members of its Fallon
> > Senior Medicare Advantage and Summit ElderCare plans. The computer
> > contained claims data for about 30,000 people, or about 15 percent of
> > Fallon's overall membership.
> [Moderator Snip]
>
> *Sigh* Why do people put these databases on laptops in the first place?
> For what possible purpose? Shouldn't that kind of data be on a server?
>
>

It's because sometimes you're doing work on developing a new tool or
what have you and you need the dataset to make it work.

Of course when we did the corporate database where I formerly worked I
wouldn't let them have actual data. I exported the table structures with
no data in them and then populated it with dummy data.


Posted by 1100GS_rider on January 30, 2008, 11:39 am
If you were  Registered and logged in, you could reply and use other advanced thread options

> look@www.ai.uga.edu.for.address says...
> >
> > >
> > >
> > > http://www.boston.com/business/ticker/2008/01/fallon_stolen_c.html
> > >
> > > Fallon: stolen computer had members' information
> > > January 24, 2008 05:43 PM
> > >
> > > Fallon Community Health Plan said a laptop computer was stolen
> > > containing personal information for all the members of its Fallon
> > > Senior Medicare Advantage and Summit ElderCare plans. The computer
> > > contained claims data for about 30,000 people, or about 15 percent of
> > > Fallon's overall membership.
> > [Moderator Snip]
> >
> > *Sigh* Why do people put these databases on laptops in the first place?
> > For what possible purpose? Shouldn't that kind of data be on a server?
> >
> >
>
> It's because sometimes you're doing work on developing a new tool or
> what have you and you need the dataset to make it work.
>
> Of course when we did the corporate database where I formerly worked I
> wouldn't let them have actual data. I exported the table structures with
> no data in them and then populated it with dummy data.

That is the only sensible approach. There ought to be huge penalties
for anybody who puts actual identity theft data onto a laptop.


***** Moderator's Note *****

That's not always feasable: the prime directive of computer programming is
the same as the prime law of medicine - "First, do no harm".

In order to make sure that program changes don't break existing code,
a programmer _must_ test his changes against a "corpus" of existing
data, in order to find the (sometimes subtle) interactions which
plague old "spaghetti code" programs and break them in hard-to-find
ways at the worst possible time.

In theory, it's possible to create a corpus of test data that
accurately reflects the larger database. Theory and practice don't
mix well in production environments, and there's never enough time to
maintain test databases properly or to create new test cases for each
program change.

Managers know that theft is a remote possibility, and their bosses ire
at a missed deadline is real, in-your-face, and right now. They
usually make the obvious choice.

Bill Horne
Temporary Moderator


Posted by 1100GS_rider on January 31, 2008, 3:56 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> Managers know that theft is a remote possibility, and their bosses ire
> at a missed deadline is real, in-your-face, and right now. They
> usually make the obvious choice.

That's where the legal penalties kick in, to provide the proper
incentives to take care of private information.


***** Moderator's Note *****

That may be so, but bureaucracies don't work in a way that reinforce
such events, so the end result is "no change". Bruce "Secrets and
Lies" Schnier has pointed out repeatedly that security will only
become routine when insurance companies impose it as a condition of
underwriting the associated risks. I agree.

YMMV.

Bill Horne
Temporary Moderator


Similar ThreadsPosted
Credit Information Stolen From DSW Stores March 8, 2005, 10:13 pm
Re: Credit Information Stolen From DSW Stores April 18, 2005, 11:29 pm
DOE Computers Hacked; Information on 1500 Employees Stolen, Misused June 11, 2006, 7:57 pm
www.bluesecurity.com Members Urged to Get Out May 8, 2006, 1:02 pm
A Message from AT&T for Yahoo Members May 12, 2007, 1:26 am
Re: A Message from AT&T for Yahoo Members May 12, 2007, 9:47 pm
Re: A Message from AT&T for Yahoo Members May 13, 2007, 7:18 pm
Last Laugh! How Many Members of Bush Administration Does it Take September 13, 2005, 2:28 pm
Re: Last Laugh! How Many Members of Bush Administration September 14, 2005, 6:01 am
Re: Last Laugh! How Many Members of Bush Administration September 15, 2005, 12:59 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map