Many businesses invest heavily in Data Loss Prevention (DLP) systems that prevent users from intentionally or accidentally leaking sensitive data. But a recent incident at Heathrow Airport highlights the challenges. An unencrypted USB stick containing security arrangements from the queen and other information was found on a street by a man in West London.
Usually, when we read stories about Sweden the focus is either on the quality of their education system or ABBA. But this week, the Swedish government is red-faced after being embroiled in a massive data leak affecting millions of citizens, including those in highly sensitive military roles and in witness protection.
Last week's Medicare number leak is a prime example of what can happen when an employee or other trusted party with systems access turns rogue. In truth, if just 80 or so Medicare numbers have been purchased, as has been widely reported, then Medicare has got off lightly. But how big a deal are internal threats? And can we do anything about them?
Over the last couple of days, a major privacy story has broken with a journalist from The Guardian buying their Medicare records from a source on the dark web. Today, Health Minister Alan Tudge has said the data, which can be bought for around $25 per record, is not part of a massive leak but more likely the accessing of data using stolen account credentials.
