Johannesburg, 22 Aug 2008
Organisations are being reminded of the importance of data protection following media reports that more than 100 000 student records were accidentally made available online, says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"The security blunder by The Princeton Review, an educational support services provider, is believed to have happened as a result of the company changing Internet providers earlier this year, exposing the confidential data for seven weeks."
According to Myroff, The Princeton Review's publicly accessible and searchable Web site exposed the dates of birth and names of 74 000 students in Virginia.
"In addition, another file revealed the dates of birth, test scores and ethnicity of 34 000 students in Florida, after the county hired The Princeton Review to measure academic progress.
"While The Princeton Review has taken action over this data breach, it should never have happened in the first place. The information should have been held securely, and identifying data, such as names and full dates of birth, should have been wiped from the files."
He says the data breach was discovered and exposed by a competitor of The Princeton Review as it conducted competitive intelligence.
Latest threats
This week's line-up of low to medium prevalence threats includes the Troj/Dloadr-BQP Trojan, currently affecting Windows users, says Myroff.
"Mal/PicEx-A has also been noted and demonstrates malicious behaviour. It is occurring under the alias of Mal_DRPR and drops more malware."
Furthermore, says Myroff, the Troj/Banker-EMX Trojan is also affecting the Windows platform.
"Another Trojan making the rounds, Troj/Bckdr-QPC, drops more malware and installs itself in the registry."
Troj/Drop-AM, also on the radar, occurs under a number of aliases, he concludes.
Share