Just a couple months after the Texas State Comptroller’s office disclosed that it had exposed sensitive data on some 3.5 million residents, Texas is making data breach headlines again–albeit on a much smaller scale. A blog post from Austin’s KUTNews site explains, “As many as 4,900 current and former employees of the Texas Department of Assistive and Rehabilitative Services (DARS) may have had their personal information exposed in the latest data security breach involving state workers.”
Citing concern over interfering with the ongoing investigation by law enforcement, and not wanting to further compromise any data, the Texas agency is not yet sharing any details about how the breach may hve occurred, or–more importantly–what data has been exposed. From the perspective of the affected individual, there is a big difference between exposing only a name and address, or exposing more sensitive details like drivers license, Social Security, credit card data and such.
Given the relative ease with which hacking collectives like Anonymous and LulzSec are breaching networks and taking down Web servers, organizations of all sizes need to take a close look at their network security and data protection, and make sure it is locked down as tight as it can be. Employing tools to prevent sensitive data from being saved or transported on portable storage devices, or monitoring outbound network communications to ensure sensitive data doesn’t leave the network are crucial elements that organizations should employ to protect data.