NEW ORLEANS
--
A BP employee lost a laptop containing personal data belonging to thousands of residents who filed claims for compensation after the Gulf oil spill, a company spokesman said Tuesday.
BP spokesman Curtis Thomas said the oil giant on Monday mailed out letters to roughly 13,000 people whose data was stored on the computer, notifying them about the potential data security breach and offering to pay for their credit to be monitored. The company also reported the missing laptop to law enforcement, he said.
The laptop was password-protected, but the information was not encrypted, Thomas said.
The data included a spreadsheet of claimants' names, Social Security numbers, phone numbers and addresses. But Thomas said the company doesn't have any evidence that claimants' personal information has been misused.
"We're committed to the people of the Gulf Coast states affected by the Deepwater Horizon accident and spill, and we deeply regret that this occurred," he said.
The data belonged to individuals who filed claims with BP before the Gulf Coast Claims Facility took over the processing of claims in August. BP paid roughly $400 million in claims before the switch. As of Tuesday, the GCCF had paid roughly $3.6 billion to 172,539 claimants.
Thomas said no one will have to resubmit a claim because of the lost data.
The employee lost the laptop on March 1 during "routine business travel," said Thomas, who declined to elaborate on the circumstances.
"If it was stolen, we think it was a crime of opportunity, but it was initially lost," Thomas said.
BP is offering to pay for claimants to have their credit monitored by Equifax, an Atlanta-based credit bureau.
Asked why nearly a month elapsed before BP notified residents about the missing laptop, Thomas said, "We were doing our due diligence and investigating."
Matt O'Brien, part owner of Tiger Pass Seafood, a shrimp dock in Venice, La., said he had filed a claim with BP before the GCCF took over processing claims in August. A call from an AP reporter on Tuesday was the first he had heard that his personal information may have been among the data compromised.
"That's like it's par for the course for them," O'Brien said of BP. "They can't seem to do nothing right."
Beau Weber, a fishing guide in Lafitte, La., also had filed a claim with BP prior to Aug. 23, and he had even received several monthly payments from BP. He said he hadn't received a letter from BP about the missing laptop.
"It's terrible," he said of the breach. "I kinda work hard for the things I have. I wouldn't want somebody with a computer to be able to take it from me. It's very disturbing. It's like another gallon of gas thrown on the fire."
Political 'hacktivists' attack city websites in North Miami, Hillsboro Beach
Hackers infiltrate websites to post anti-Israeli messages
BY ADAM H. BEASLEY
The Miami Herald
Updated: 01-20-2011 11:51 am
Jan. 19--Most days, North Miami's website is the place to go for the city's calendar of events, instructions on requesting a water bill and information on trash pickup.
But over the long holiday weekend, the municipality's official site provided a far more sinister -- and entirely unintended -- message.
Anti-Israeli hackers sidestepped ineffective firewalls and redirected visitors to a jarring note:
"God d*** Murderer Israel and ABD [an Arabic slur meaning subordinate]. I am protesting the israel.I am near the PALESTINE people."
The note, which was later taken down, was signed SLYHACKER.
Thirty-five miles to the north, Hillsboro Beach officials had a similar headache Tuesday morning, as they were forced to scrub cyber graffiti from their own site.
A pro-Iranian hacker had inserted a map of the Middle Eastern nation and its flag, as well as three words in bold type: MCSM IRAN HACKING.
It's not clear if -- and given the vast number of Internet troublemakers around the globe, it's unlikely that -- the two incidents were at all connected.
But there's little doubt "hacktivism," politically based cyber attacks by independent groups, are on the rise, and any city, town or borough with out-of-date security software is at risk.
"They've been doing it for the last 10 or so years, but they're really starting to flood the zone in recent years," said Alex Heid, a South Florida-based "ethical hacker" who provides cyber security best-practices to businesses and governments. "There is a large hacking community in North Africa and the Middle East.
"For the most part, they're not really destructive or commit financial fraud," Heid added. "They just look for ways to get their message out."
And they look for easy targets. They found two in North Miami and Hillsboro Beach, which Heid said were open to mischief by even the most novice hacker.
For Hillsboro Beach, cleaning up its site was a daylong game of whack-a-mole. By early Tuesday afternoon, the flag was gone, but the website was defaced with writing in Arabic.
"If I shut it down, it will cut off e-mail access to our employees," said Jean-Marie Mark, the town's clerk. "It's frustrating."
Telephone calls flooded into Hillsboro Town Hall about the website, which was first hacked Jan. 11, Mark said.
She worked with the website hosting company, Boca Raton-based Verio, and initially they were able to fix it. But the images returned over the weekend. And Monday was a holiday, so nothing could be done.
Verio "wanted a day or two to go through everything to figure out how sophisticated the hacker is," Mark said. Early Tuesday, she was still waiting for the company to fix the problem.
But with just a cursory glance of the website, Heid claimed to have pinpointed its weaknesses -- a decade-old web applications and a system that needs "sanitizing."
In North Miami, this weekend's security breach was the latest in a series of recent hacking incidents, according to city spokeswoman Pam Solomon. They began a few months back, and crop up at least once a week. The city's information technology specialists have tried to minimize the attacks, from moving the hosting sites to changing passwords twice a day.
"We want to have control over our message," Solomon said. "You don't want to feel like our message is being violated."
0 comments:
Post a Comment