BreachExchange mailing list archives
Re: CTS: Thief Steals Tax Records
From: George Toft <george () myitaz com>
Date: Sun, 04 Feb 2007 14:45:12 -0700
The FTC clearly calls out tax preparers as being required to comply with GLBA (http://www.ftc.gov/bcp/conline/pubs/buspubs/glbshort.htm 3rd paragraph). However, in September, 2006, CPA's were able to become exempt from the privacy rule of GLBA (http://www.icpas.org/icpas/ei/gbarticle.asp). They are still required to comply with the Security Rule, which nobody seems to know about. CPA's by nature are very tight-fisted with their money, and they see this as yet another expense that has no benefit. "If it's not broke, why should I fix it?" This list's members are very proactive and forward-thinking. Securing information is obvious to us, but eludes others, so they delegate the task to "the IT guy" and it's his problem because "he understands that stuff." Problem is, a large percentage of IT Guys I've spoken with are clueless about regulatory compliance and the finer art of information security. George Toft, CISSP, MSIS My IT Department www.myITaz.com 623-203-1760 Confidential data protection experts for the financial industry. James Childers wrote:
But let me guess what the response was to your ad ... They didn't care because it hasn't happened to them yet. Apathy coupled with stupidity is a dangerous marriage. Do small firms have to comply with GLBA or are they exempt? If so, how can they justify non-compliance? Jim Childers iQBio www.iqbio.com http://databreaches.blogspot.com -----Original Message----- From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of George Toft Sent: Sunday, February 04, 2007 10:38 AM To: blitz Cc: dataloss () attrition org Subject: Re: [Dataloss] CTS: Thief Steals Tax Records We tried to alert them all. We published articles and ads in the Arizona Society of CPA magazine. George Toft, CISSP, MSIS My IT Department www.myITaz.com 623-203-1760 Confidential data protection experts for the financial industry. blitz wrote:So one would/might postulate at this point the thieves are selecting smaller targets, with less names and info. Especially ones with less security, and obviously more to loose should they be compromised. */There should be an alert to them all. /*At 23:39 2/3/2007, you wrote:I would expect to see more of these. I met an accountant in Phoenix that had just her hard drives stolen - guess what the thief wasafter?This is a sore point for me - we hired a telemarketer to call everyCPAin Phoenix. There was virtually no interest on the part of the CPA'stoprotect their customer's information from this type of event. BTW - 800 people for one firm means it's a small firm. George Toft, CISSP, MSIS My IT Department www.myITaz.com <http://www.myitaz.com/> 623-203-1760 Confidential data protection experts for the financial industry. Dissent wrote:http://www.wndu.com/news/headlines/5530966.html Eight hundred people are in jeopardy of having their credit ruined, because thieves in the night stole their personal information fromaCassopolis tax preparer._______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 146 million compromised records in 562 incidents over 7 years.
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 146 million compromised records in 562 incidents over 7 years.
Current thread:
- CTS: Thief Steals Tax Records Dissent (Feb 03)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 03)
- Re: CTS: Thief Steals Tax Records blitz (Feb 04)
- VA Breach - Stupidity Redux James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 04)
- Re: CTS: Thief Steals Tax Records James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 04)
- Re: CTS: Thief Steals Tax Records James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records lyger (Feb 04)
- Re: CTS: Thief Steals Tax Records James Childers (Feb 04)
- Re: CTS: Thief Steals Tax Records blitz (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 03)
- Re: CTS: Thief Steals Tax Records Adam Shostack (Feb 04)
- Re: CTS: Thief Steals Tax Records B.K. DeLong (Feb 04)
- Re: CTS: Thief Steals Tax Records George Toft (Feb 04)
- <Possible follow-ups>
- Re: CTS: Thief Steals Tax Records Max Hozven (Feb 03)