This is the time of year when all the Top 10, Best of, and Worst of lists come out. And just for the folks who worry about data breaches, information security, identity theft and institutional stupidity, ComputerWorld has rolled out their 2009 Data Breach Hall of Shame.
In no particular order, but each special in its own way, here are five of the data breaches ComputerWorld deems most egregious:
Transportation Security Administration (TSA), for posting highly guarded secrets of airport security and screening procedures on the Internet. Want information on how to sneak explosives onto a plane? It’s in there along with a lot of other terrorist and nutjob-friendly information.
Heartland Payment Systems, for the sheer magnitude of the breach. The latest estimate is that data from 130 million credit and debit cards was stolen; current US population is roughly 305 million, including children.
Health Net, for remaining hush-hush for six months about the loss of a hard drive holding names, addresses, Social Security numbers as well as financial and medical information on roughly 1.5 million patients.
U.S. GPO, because some illiterate nitwit misread the label on a document detailing hundreds of civilian nuclear sites. As a result, what actually read as “Highly Confidential Safeguards Sensitive” was misinterpreted as “Post to Internet for All to See.”
RockYou Inc., for serving up 32.6 million unencrypted social networking (Facebook, etc.) passwords to a hacker this week. This one should definitely be filed under the heading of institutional stupidity.








