Oh the irony…
USDA Information Breach
WASHINGTON, June 21, 2006- Agriculture Secretary Mike Johanns today directed that notifications be sent to Washington, D.C. area employees of the U.S. Department of Agriculture (USDA) whose personal identity information might have been compromised when USDA computer systems were illegally accessed. Johanns also committed to providing one year of free credit monitoring services to potentially affected employees.
Johanns was informed today of the possible breach during a briefing on the status of a forensic investigation into the incident. He was first notified of the incident on June 6, at which time he was assured that personal identity information had been protected. However, subsequent forensic analysis leaves uncertain whether personal information was protected, prompting today’s notification. The intrusion took place during the first weekend in June.
The personal identity information potentially accessed includes individual’s names, social security numbers, and photos. Worksite information that is readily available to the public is also contained within the database. Approximately 26,000 current and former Washington, D.C. area USDA employees and contractors are potentially affected.
-USDA Press Release 6/21/06
The USDA and state Departments of Agriculture are asking a lot of personal questions of livestock owners. They say are going to store the information in databases that will be accessible online so that all animal event reports will be made electronically for efficiency. They say, “It is secure, trust us!”
40 Million Accounts Exposed
Of those exposed accounts, about 13.9 million are for MasterCard-branded cards, the company said in a statement. Some 20 million Visa-branded cards may have been affected and the remaining accounts were other brands, including American Express and Discover.
-CNet
I have some bad news for the government, there is no such thing as a secure database connected to the internet. Not just that, but if there are any humans involved the security is compromised even for a disconnected database. Even a “100% secure” system can be compromised by willful insiders or by those who are simply careless or stupid. Connecting it so that people can access the system electronically, a.k.a., over the internet, just makes violating the system that much easier. Big targets are even more appealing than small ones. The USDA wants to make a really, really big target for agri-terrorists. YOU are in the cross hairs on that target…
Human Curiosity Virus
We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us.
The next hurdle we had was getting the USB drives in the hands of the credit union’s internal users. I made my way to the credit union at about 6 a.m. to make sure no employees saw us. I then proceeded to scatter the drives in the parking lot, smoking areas, and other areas employees frequented.
After about three days, we figured we had collected enough data. When I started to review our findings, I was amazed at the results. Of the 20 USB drives we planted, 15 were found by employees, and all had been plugged into company computers. The data we obtained helped us to compromise additional systems, and the best part of the whole scheme was its convenience. We never broke a sweat. Everything that needed to happen did, and in a way it was completely transparent to the users, the network, and credit union management.
-Dark Reading
Banks & Credit Card companies lose data all the time. Every month we read about more of these security violations. This week I got a letter from one of our banks letting me know our identity may be stolen because they had an ‘oops’ event and 2.6 million customer account records were stolen by hackers. They offered me a free credit report as compensation. Gee, thanks. The government, of course, will be more careful and do better. Right…
IRS Loses Data
The computer was lost during transit on an airline flight in the western United States, IRS spokesman Terry Lemon said. No taxpayer information was on the lost laptop, Lemon said. The IRS believes the computer contained information on 291 employees and job applicants, including fingerprints, names, Social Security numbers, and dates of birth.
-MSNBC
The first interesting thing about this report is they say that “No taxpayer information was on the lost laptop.” I guess IRS employees and applicants don’t pay taxes. But Freudian slips aside, we have to remember the old axiom about, “We’re from the Government - we’re here to help you.” Unfortunately the government just doesn’t get the fact that we don’t want its help losing our sensitive data. Of course, they’ll help afterwards, right? Like they did the victims of Katrina…
VA Loses Data
Heads should roll at the Department of Veterans Affairs for the unprecedented level of incompetence that was displayed with the loss of Social Security numbers and other personal information, including from as many as 2.2 million current U.S. military personnel.
Perhaps as galling as the loss of the data itself is the fact that it took a month for the VA to figure out that the personal data for as many as 1.1 million active-duty military personnel, 430,000 National Guard members and 645,000 reserve members likely were part of the electronic data stolen May 3 during a burglary of a department employee’s house. The 60-year-old analyst was not authorized to take home the laptop and external drive that contained the data and has been fired.
The Leaf Chronicle
What the government doesn’t seem to understand is that centralized database is an open invitation to terrorists, both domestic and foreign. Couple this with 10-kilometer kill zones so the terrorists and animal ‘rights’ activists can computer map a ideal kill plan for spreading bio-terrorism. Factory farms, feedlots and big producers should be very scared because while they might have tight security, under the USDA’s depopulation plans it will only take an infection even in wild life to condemn all the livestock at a nearby Agri-Corp. It isn’t just the little guys that are going to suffer in this scenario. Cargil & Tyson beware.
USDA Loses 300,000 Records
The Agriculture Department said Wednesday it had accidentally released the Social Security and tax identification numbers of 350,000 tobacco farmers.
The agency said it inadvertently released the data in response to Freedom of Information Act requests about the tobacco buyout program. The information went to eight different people or groups.
-Herald Sun
Some people will tell you that someone can just Google the information but that is a lame excuse for a lack of security. Just because we can look someone up on Google Maps, etc doesn’t mean people are going to feel good about putting all the data in a handy easy to reference and hack central location. The USDA and state databases put all our information in nice neat central, hackable systems for terrorists.
Stolen Server Sparks Fears
Nearly 1 million prospective AIG customers could be at risk. A thief recently stole a computer server belonging to a major U.S. insurance company, and company officials now fear that the personal data of nearly 1 million people could be at risk, insurance industry sources tell NBC News.
The computer server contains personal electronic data for 930,000 Americans, including names, Social Security numbers and tens of thousands of medical records. The server was stolen on March 31, along with a camcorder and other office equipment, during a break-in at a Midwest office of American Insurance Group (AIG), company officials confirm.
-NBC News
To give an analogy, my nine year old can write a software program to generate all possible credit card numbers, dates and security codes using an algorithm and then test them to check for validity by doing small charges (this has been done by criminals) through the credit card validation network across the internet. But that is slow hard work. Having access to a database giving a specific set of valid numbers is far more valuable. A database, of name, address, cc#, date, security code is much, much more useful for a criminal than a simple list of numbers.
Jackson Workers Data Stolen
Jackson Health System employees could be at risk of identity theft after two laptops containing personal information were stolen in December. The Jackson Health incident comes amid a spate of recent laptop thefts that has put the personal information of millions of Americans at risk and reveals the particular vulnerability of portable computing devices.
-Miami Herald
People no longer trust businesses or government to securely store their data because of the large number of cases of known losses of large amounts of personal data. The more data per record that is added the scarier it gets and NAIS has a lot making it very invasive.
D.C. Workers’ Data Stolen
A laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees has been stolen, officials said. The computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services, said officials with the company, which administers the district’s retirement plan. The company did not notify city employees of the theft until late Friday because it took officials several days to determine what information was stored on the laptop, ING spokeswoman Caroline Campbell said. The laptop was not password-protected and the data was not encrypted, Campbell said. Two other ING laptops containing information on 8,500 Florida hospital workers were stolen in December, but the employees were not notified until this week, said ING spokesman Chuck Eudy. Neither laptop was encrypted, he said.
-APNews
Your data doppleganger may be out there already, taking out loans, spending money, using credit cards in your name. Banks have an extreme financial incentive to stop this sort of thing yet they are completely impotent. The government, a bunch of bunglers by committee, wants to create more databases that will be compromised releasing more data about us into the wild and then expects us to “trust them?” Right…
Payroll Data Accidentally Faxed
A national payroll company accidentally faxed personal and payroll information to a Nashua man, exposing workers to potential identity theft. Paul Dullea, a financial planner who lives in Nashua, said he received 121 pages of information Thursday from Automatic Data Processing Inc. The pages had the names, addresses, Social Security numbers and income information for at least 80 people who work for companies in Illinois, California and Florida.
-AP Wire (First seen in Valley News off line)
HAHAHA!!!As you said Walter “SWEET IRONY”!!! This is a timely confirmation,of a discussion I had with a reporter the other day,wait till I see him again!!USDA computers no less! Oh,can’t you hear the damage control wheels turning!YES!Pardon me if I seem a bit overjoyed but this is good,since I just had a conversation with those pointy-headed type intellectual highbrows that assured me that I had nothing to worry about that USDA would make sure this data would NEVER fall into evil hands! And now we have seen in less than 48 hours they have lost info without a trace(back)HA!this just goes to show,that its not just an inept private business or just the Va but the great and mighty USDA that is not in touch with reality and imagines itself to be untouchable,ANY computer that can have info put in ,can have info taken out,there you go folks,Walter just handed you a full clip of ammo,use it wisely! Have a great day!!
Comment LEE — June 22, 2006 @ 3:54 pm
So much for the assurances that the databases would be secure. The USDA can’t even keep their employee records safe. They dont care about us small farmers so they certainly arent going to put much efford into protecting us.
Comment Mark — June 22, 2006 @ 4:36 pm
Could this be the USDA “Hacker?”
Alias: G.W. “BUSH-WHACKER”
The alleged “Hacker” of the USDA? The one and only, alleged USDA “Hacker” tentively identified as the “BUSH-WHACKER?”
Quite the confessor, he is, to the “USDA-Hacker” as the “Whacker” became a “Quaker” and allegedly turned states-evidence, as the official “USDA Data Hacker” to include Johann’s alleged USDA Data-Base Black-book, containing Johann’s alleged Mad-Cows;”
Alleged female names like, Betsy, Downer, Pee-brain, etc. allegedly surfaced in Johann’s black-book. Apparantly, Johanns was “milking” them for all he could get, according to the “BUSH-WHACKER.” The alleged “Hacker.”
Alleged statements made by the “BUSH-WHACKER” stated he was only “Data-Mining” for some Premise ID Gold, but instead found the USDA Data, so “insecure” to “Hacking” that the “BUSH-WHACKER” allegedly “Hacked” the files to insure the Premise ID and employee data was “safe.”
Further USDA.inc News Media report’s that the G.W. BUSH-WHACKER, alias; Johann’s “Data-Monkey”, confirmed the following previous alleged “hacking” violations of “BUSH-Whacker” Law;
He’s “hacked” just about everything else!
Budget, phone lines, WTC, NAIS, WallMaart underwear, etc.
Now the USDA complete Data Base! WOW!
Allegedly, to improve the USDA’s Data Base image, Johann’s changed the USDA Data Base “moto” to:
USDA = Unsecured System Data Absolutely~!
Dean Ayers
Glenwood, Iowa 51534-6218
DeanAFOSI@aol.com
IOWANS AGAINST NAIS
http://groups.yahoo.com/group/Iowans_Against_NAIS/
Comment DeanAFOSI (IOWA) — June 22, 2006 @ 7:01 pm
The real irony is the ones who want total control over the entire animal population and human population will not have to hack a computer to get all NAIS information. THEY are the ones we will be forced to pay to get the information they are after in the first place and they are the USDA,Inc and their Global Corporate Partners keepers of the data bases….. The keepers of the data bases are those who want total control and will have it and the packers will be able to really control who lives or dies in the sales of animals, who will get blamed for sickness. What will happen to all those tags with all the info. Just switch one tag for another at processing site and ruin the one you want to eliminate. Safe, secure my fanny. Within a year all inventory can be calculated to the dime. Tell buyers not to touch premise id #…….. and the that farmer is ruined. Lose reports, claim no report made and the small guy is fined out of existence. Premise id not renewed and farmer is ruined. This program is beyond hackable it is death by complying from the get go.
Comment Sue Karber — June 23, 2006 @ 1:02 am
I think mindless blather really detracts from the likelihood our efforts will be taken seriously.
Perhaps pro-NAIS folks are starting to post here to make us look like ignorant Rubes. We finally start to get a little national attention, and then…
Comment Bkeepr — June 23, 2006 @ 5:38 am
sid sargent has a confession and
apology to make…she doesn’t live in district 87 and is running for state rep in that district..after getting the map at the courthouse her precinct is
not in it whoops…..a quarter of
a mile inside the line..an honest
but stupid mistake..now what?????
is there an arkansan out there
who lives in district 87????it covers winslow,westfork,prairie grove,dutch mills,reas mills
lincoln…..we need a new
candidate NOW…I don’t even
know district 97 which is
siloam springs and tonti town
…I am talking to Mike Kenny
who is the current state rep
unopposed..sheesh…to see if I
want to run against him…
please…won’t somebody get off the blog and step up to the
plate…august 9 is the dealine
for write in candidates…
call sid 479-824-4738
siddartha@care2.com
unless we get into government
we can’t fight for farmers’
rights
Comment sid sargent — June 23, 2006 @ 6:13 am
at some point there won’t be any more
secrets left
and then maybe we can start
over from scratch…….
maybe the whole thing
is just a necessary purge
the real secret
is too big to see
the secret of humanity
sid
Comment sid sargent — June 23, 2006 @ 6:18 am
I agree with Beekeepr…All of this esoteric rhetoric about party lines and vegetarianism could cause a credibility gap. But, it’s an open forum, and only Walter can moderate the discussion.
But we have two things going for us on this date. The Japanese ban has been lifted without the need for the NAIS. And there is more evidence that the proposed data bases for the NAIS will not be secure.
We have the proponents of the NAIS at a disadvantage. We should all apply ourselves to writing to our state and federal reps. and questioning their positions re: the NAIS based upon the recent lifting of the ban and the USDA data compromise issues.
Note to Walter; if the Hammerschmidt article is posted before July 03, I will not be able to read it until July 03. I will catch-up when I return on July 03.
Comment Neil W. — June 23, 2006 @ 7:56 am
The trouble is often when we phone or write our state reps–no matter how logical or sensible we are–they discount our voices.
I have written to my state rep on this issue twice–the first time I got the patent answer–NAIS could be good, we’re looking into it. . . . The second time when I politely asked him to explain his position on the issue and why he voted against Ron Paul’s ammendmant I got nothing. What’s worse is he is our state’s rep with the Ag department.
However, slow and stead wins the race.
http://www.podchef.motime.com
Comment Podchef — June 23, 2006 @ 11:38 am
WOW folks, seems some of you “Professional,” perfect, NoNAISer’s are getting a bit to “tight” in the gut,
thinking you are “all that” and more..
A little humor, now and then, goes a long way to preserve a “good” life.
I suggest you all, “uptight” folks take a little vacation away from your “perfection” in this International world, and “get a grip” on “reality.”
A “good” fighter, never, takes the opinion that they are the “perfect” person, they have humility.
A “good” fighter, always remains balanced and artistic, in humor, to lighten the “load.”
A “Good” Fighter, doesn’t Stifle or Hinder
“Freedom” of Speech, just because you are “uptight” about the “Fight.”
Fight NAIS, and the USDA, not the “Good” guys….
Dean Ayers
Glenwood, Iowa 51534-6218
DeanAFOSI@aol.com
IOWANS AGAINST NAIS
http://groups.yahoo.com/group/Iowans_Against_NAIS
Comment DeanAFOSI (IOWA) — June 23, 2006 @ 5:33 pm
my sister saw this in her local paper link
the navy has lost the records of 28 thousand sailors. add that to the vets admin and the infernal revenuers and the usdas data losses. its not looking good. our government is losing our national identity right and left.
Comment anna — June 23, 2006 @ 6:11 pm
Walter this is just to much. An your timing is to. I used to have a perfec credit score. I had one of those agency monitoring credit things and it discoverd someone is using my name and stole my identity. The card companys have not made me pay for the charges as it oviously was not me. they traced ti to a loss of data from a mail order company. But now my credit score is in the pits. The governmt is going to do this to everyone by keeping all thise big databases and not being carful enouf. Pretty soon nobody will have their identity.
Comment pv — June 23, 2006 @ 6:38 pm
Regarding comments 3 and 10:
It seems to me that individuals should take responsibility for the impact of their own words, and think before they write and post the words.
Our problem then is highlighted in comment 9: Our voices and opinions are discounted because we get labeled as “whackoes.” We’ll only win this if we gather enough folks to our side, and we’ll only do that if we stop trying to broaden the argument to everything we don’t like about government or some party or non-NAIS-related stuff.
Comment Bkeepr — June 24, 2006 @ 6:39 am
Well my friend, in debate, the Bkeepr; Sir, it is nice to see a good challenger at heart, even though your heart is cold.
I take full responsibility for being “whackoes” enough to get 1.5 million readers of my voice and opinion, along with my humor, to read it, on:
www.americanclassifieds.com
click on the “Buzz” icon
I take full responsibility for getting that accomplished, for Our “Good” purpose of fighting NAIS, not you; you silly Bee..
Isn’t it nice to know Freedom of Speech still exists, even when you don’t like it..BINGO!
We are fighting for the Right to keep Our Constitutional Freedoms and
Liberties here. We as people do not always agree on format or content, however, we
had better agree to sometimes disagree, yet still remain on the team of
NoNAIS together.
I respect the fact that you do not like my style, but “We” as different
people, bring different aspects to the Good Fight. You need to learn to respect
that point.
These are my final words on this subject for my NoNAIS, “uptight” friend, and all others, Internationally:
“If we don’t believe in freedom of expression for
people we despise, we don’t believe in it at all.”
Dean Ayers
Glenwood, Iowa 51534-6218
DeanAFOSI@aol.com
IOWANS AGAINST NAIS
http://groups.yahoo.com/group/Iowans_Against_NAIS/
Comment DeanAFOSI (IOWA) — June 24, 2006 @ 1:18 pm
Dean Ayers:
You want some humor:
“Sure you can trust your government, ask any Native American.”
Comment Mari Jung — June 27, 2006 @ 7:29 pm
I am totally sincere in anything I say here. Example: I’d think that military personnel who get ripped off are excellently trained to deal with the problem. I invite any and all to interpolate this observation to it’s logical conclusion, and by so doing I will know who is on my side in this and who is not. Comments may be sent to my email address. I don’t mind putting my name on anything I say: Thank you for you indulgence, Don L Hartley.
Comment Don Hartley — June 27, 2006 @ 7:48 pm
i feeeeeelll sooooooooo safe.
Comment anna — June 28, 2006 @ 6:54 pm
I would not trust the government with any data. They have repeatedly proven themselves to be clueless and inept. Then they fail to make good on their mistakes. Government bad.
Comment Andy — July 29, 2006 @ 9:35 am
Don’t trust the government or banks to keep your data safe. They don’t have enuff incentives so they are sloppy with our personal data. It is destroying people’s lives. They less data they keep on you the better. This whole thing with premise registration is just going to create an easy list for terrorist organizations like E.L.F to be able to find farmers and homesteaders and do vandalism and mayhem.
Comment Val — August 7, 2006 @ 4:23 am