N.J. accidentally reveals personal data of 28K unemployed residents

Article here => http://www.nj.com/news/index.ssf/2009/05/3k_unemployed_nj_residents_may.html

Somehow these statements make it ok? => "This is a fluke," department spokesman Kevin Smith said. "This was just a clerical error."

Right, it's just a clerical error that affects 28,000 individuals lol. I'll grant them that it's not as major as many other items that have occurred.. but they seem to not take it seriously is my short and sweet point!

Yes, they (as I have stated in the past) like all other agencies have a standard => http://www.state.nj.us/it/ps/p7cir.html, but evidently as long as "It's just a clerical error" again, it's ok.

Anyway, just wanted to start the week off on a small soap box ;-)

Cheers,
JJC

DC Agency Accidentally Emails PII about College Financial Aide Applicants <= WHAT?

Yes, the headline is indeed true. Yet another in a seemingly endless series of silly (stupid) mistakes made by individuals that lead to significant data leakage.

The Article:
D.C. Agency Accidentally E-Mails Personal Data About College Financial Aid Applicants

How many times is this going to happen before people begin to take things as simple as user education / training, as related to security, seriously? Having worked for a variety of branches within the federal government, I can tell you that they do have some fairly basic protocols in-place that allow for basic online (depending on the agency/organization either annual, semi-annual etc...) instruction and in the same session, testing. This then creates a nifty little certificate that you can hang in your little cubicle and is tracked by the CSO (or equivalent thereof) to provide for proof that said Agency/organization is meeting with their requirements.

Evidently though, the "don't email sensitive rubbish out" section was missing in the OSSE's online curriculum?

You tell me...
JJC