• 23Jul

    Hospital’s History of Violence Leads to OSHA Fine

    General No Comments

    Hospital’s History of Violence Leads to OSHA Fine
    Occupational Health & Safety (07/20/10)

    The Occupational Safety and Health Administration (OSHA) has cited Danbury Hospital in Danbury, Conn., for failing to adequately protect its employees against workplace violence. After an investigation that began in January 2010, OSHA found several incidents in the past 18 months in which hospital employees had been injured by violent patients. In the past five years, there have been about 25 cases in which employees lost workdays or were put on restricted duty after sustaining injuries from patients. OSHA has cited the hospital for alleged serious violations of OSHA’s general duty clause, which requires workplaces to be free from recognized hazards that are likely to cause death or serious injury to employees. The citation against Danbury Hospital carries a proposed fine of $6,300. “This citation points to the need for the hospital to develop a comprehensive, continuous and effective program that will proactively evaluate, identify, prevent, and minimize situations and conditions that place workers in harm’s way,” said Marthe Kent, OSHA’s New England regional administrator. OSHA’s citation included several suggestions for the hospital, including making sure that security staff members are trained to deal with aggressive behavior, and are immediately available for assistance. OSHA also recommended a system that flags a patient’s chart when there is a history of violence, and to establish administrative controls to ensure that employees are not alone with potentially violent patients in the psychiatric ward.

  • 16Jul

    Huge metal theft in UK

    Alarms, CCTV, Digital Video, General No Comments

    Thieves Strike U.K. Metals Warehouse
    Wall Street Journal (07/15/10) Hotter, Andrea; Pleven, Liam

    Growing demand for commodities and rising prices have made metal an attractive target for thieves in the U.S. and the U.K. According to British Transport Police officials, there has been a significant increase in metal theft over the last six months in the U.K. In the latest incident on May 31, thieves stole several hundred tons of nickel and copper from a warehouse in Liverpool that was owned by JPMorgan’s Henry Bath & Son. The theft took place in spite of the stricter security measures that were put in place following JPMorgan’s security review of Henry Bath. It remains unclear how the theft took place. However, authorities say that they believe that whoever stole the metal might be storing it somewhere in the U.K. before taking it to a smelting facility to make it smaller or change its appearance. The thieves will then try to sell the metal at a scrap yard, officials say. In the U.S., meanwhile, authorities are investigating the theft of roughly $500,000 worth of copper rod from a mill in Carrollton, Ga., in April. That theft is believed to be linked to several thefts of copper and other metals in a number of southern states over the last couple of months.

  • 16Jul

    Workplace violence hits green business in New Mexico

    Access Control No Comments

    NM Gunman Shoots Girlfriend, Kills Two at Plant
    Associated Press (07/13/10) Holmes, Sue Major

    Thirty-seven-year-old Robert Reza has been identified as the gunman who attacked a facility in Albuquerque, N.M., owned by the fiber-optic and solar-power manufacturer Emcore Corp. Two people were killed in the attack and four other people were wounded, including Reza’s girlfriend who was reportedly the target of the shooting. Reza also shot and killed himself. Law enforcement officials believe that the shooting was triggered by a bitter child custody dispute between Reza and his girlfriend, and that the girlfriend had told co-workers that she planned to report Reza for domestic violence. It is unknown how Reza, a former Emcore employee himself, was able to force his way past company security. Police Chief Ray Schultz called the Emcore campus a “very secure facility” and reported that detectives and FBI agents had been able to confirm eyewitness accounts using facility surveillance footage.

  • 02Jul

    39 Data Breaches Involving Financial Service Companies

    General No Comments

    39 Breaches Involving Financial Service Companies in 1st Half of 2010
    BankInfoSecurity.com (06/28/10) McGlasson, Linda

    So far this year there have been 39 reported data breaches involving financial service companies, in which more than 8.3 million records have been stolen. This constitutes more than 50 percent of the total number of reported data breaches financial services firms suffered in all of 2009, and experts warn that more attacks are likely. Only 11.1 percent of the data breaches disclosed so far this year involve financial services, but the Identity Theft Resource Center’s Linda Foley says the business sector tops the list for breaches in the first half of 2010 because of the growing number of credit card-related breaches at businesses, retailers, hotels, and restaurants. “We’re seeing a lot of retail, hotel and restaurants being hacked into somewhere between the point of sale and the card-processing server,” she notes. The Ponemon Research Institute’s Larry Ponemon says data breaches at financial service companies are not easing. “My research suggests that financial institutions are particularly susceptible to automated agent attacks such as botnets, data-stealing malware, and other advanced threats,” he says. As a result, data breach costs are likely to climb for retail banks, credit card firms, and other financial service companies, Ponemon warns.

  • 26Jun

    Peer to peer sharing offers data treasure

    General No Comments

    Hackers Aren’t the Only Threat to Privacy
    Wall Street Journal (06/23/10) P. B5; Worthen, Ben

    Sensitive information such as Social Security and credit card numbers that has been left exposed or poorly protected by governments and companies can be stolen in ways that do not involve hackers breaking into systems. For example, sensitive financial information is sometimes available over the peer-to-peer networks that many people use to share music and video files. Dartmouth College professor Eric Johnson says a recent search of peer-to-peer networks using terms such as hospital names uncovered a document that included the Social Security numbers of more than 20,000 individuals. The same search also found a document from a medical-testing lab that included patients’ insurance information and diagnoses, Johnson says. Such documents are often downloaded by cybercriminals and the information they contain is sold in Internet chat rooms. In addition to peer-to-peer networks, sensitive data also can be accessed by individuals who are able to bypass weak security systems, says Sellitsafe president Steven Peisner. He says information on roughly 15,000 stolen accounts is being published on the Internet each month.

  • 18Jun

    Supreme Court allows search of employer provided cell phones

    General No Comments

    Justices Allow Search of Work-Issued Pager
    New York Times (06/17/10) Liptak, Adam

    The U.S. Supreme Court unanimously ruled that a California police department did not violate the privacy rights of one of its officers when they audited text messages sent on a department-issued cell phone. The ruling stuck close to the facts of the case, applying only to public workers and stipulating that the employer must have a “legitimate work-related purpose” in order to prove they are not violating Fourth Amendment rights. In this particular case, a city policy on computer, Internet, and e-mail instructed employees that the city had a right to monitor communications. The officer who brought the case had signed an agreement acknowledging this right. However, the policy did not apply specifically to text messages. At the time, the city was apparently considering a policy that would allow employees to send personal messages as long as they did not go beyond a 25,000-charater limit. Any texts sent beyond that limit would need to be paid out of pocket. The city audited the officer’s texts to see if such a policy made good business sense, uncovering multiple sexually-explicit messages on the phone, which led the officer, his wife, his mistress, and another officer to sue. The Supreme Court ruled that the audit was not a violation of privacy because the city “had a legitimate interest in ensuring that employees were not being forced to pay out of their own pockets for work-related expenses, or on the other hand, that the city was not paying for extensive personal communications.”

  • 12Jun

    Gov to get involved in workplace violence

    General No Comments

    Workplace Violence: New Regulation, Threats, & Best Practices
    Security Director’s Report (05/10) Vol. 2010, No. 5,

    The Occupational Safety and Health Administration (OSHA) currently is pushing for tougher workplace violence regulations, while at the same time experts are calling for a different “zero” approach, and the judgment of line employees is being tested like never before. Organizations adopt zero-tolerance policies because “they sound good,” says Barry Nixon, executive director for the National Institute for the Prevention of Workplace Violence Inc. Unfortunately, these policies do little to eliminate the issue because they tend to be reactive — “this is what we will do” — rather than preventive, Nixon says. Speaking at the iSecurity online trade show and conference in March, Nixon called for a “zero-incidents” approach instead, because it emphasizes the prevention of unwanted behavior rather than detailing how the organization will handle it after the fact. In addition to tweaking policy language, Nixon recommended addressing workplace violence in the interview stage along with drug screening. While many potential employees expect a drug and background check, Nixon implored companies to similarly issue a proclamation to applicants that workplace violence is not tolerated. Most importantly, a zero-incidents approach — rather than zero tolerance — focuses security personnel on activities it needs to carry out at many points along the prevention continuum. These include: detection by identifying and anticipating possible problematic scenarios before issues actually surface; prevention by taking reports and signs seriously; and protection by putting the response plan into motion and taking immediate action.

  • 04Jun

    Cut Security = Increased Risk

    General No Comments

    Keeping Control: Cutting Security Costs May Increase Risk
    Controller’s Report (06/10) Vol. 2010, No. 6,

    The main challenge for controllers during an economic downturn is to identify the most successful cost-cutting strategies without making the organization more susceptible to burglaries, insider thefts, and other risks. In a recent survey, Security Budgets & Cost-Containment Strategies 2010, this publication asked security leaders about their organizations’ total projected budget for physical and asset security in 2009, including planned capital expenditures and security operating budget. Most security executives believe an organization should allocate more than 0.75 percent of its annual revenue to security. When organizations set aside less, a majority of security leaders say that security resources are insufficient. Overall, nearly four in 10 organizations — 39 percent — spent less on asset protection last year than they did in 2008. Just 26 percent of organizations are spending more. The average change to the security budget in 2009 was a decrease of 2.1 percent, according to respondents. The survey also found that a majority of business and professionals services companies spend less than 0.5 percent of their overall revenue on security.

  • 31May

    Are U.S. Museums Safe From Art Thieves?

    Access Control, Alarms, Digital Video, General No Comments

    Are U.S. Museums Safe From Art Thieves?
    Washington Post (05/25/10) P. C1; Trescott, Jacqueline; Zak, Dan

    Most of the major art heists that have taken place over the last several years, including the theft of $123 million worth of paintings from the Museum of Modern Art in Paris, have taken place in Europe. However, there have been few if any art thefts of that magnitude at art galleries in Washington, D.C., or the rest of the U.S. There are a number of reasons why such large-scale thefts have not taken place in the U.S., including the fact that American art museums tend to be newer and less exposed. For example, Washington, D.C.’s National Museum of African Art and the Sackler Gallery are both underground. Other museums in the city, including the Smithsonian American Art Museum and the National Portrait Gallery, have visual deterrents to thieves, such as steps, cement planters, and fountains. Finally, art thieves may be deterred from attempting major heists in Washington because the city is not located near an international border, according to retired FBI special agent Robert K. Wittman. European museums, by comparison, are usually not far from international borders because countries on the continent are so close together. In addition, European museums are easy targets because they tend to be located in converted houses with windows that can easily be entered.

  • 31May

    Food Servers Charged in Theft of Patrons’ Credit Card Numbers

    General No Comments

    District Food Servers Charged in Theft of Patrons’ Credit Card Numbers
    Washington Post (05/24/10) P. B01; White, Josh

    Federal officials have charged three servers at a Cheesecake Factory restaurant in Washington, D.C., with stealing their customers’ credit card numbers between 2008 and 2009. According to investigators with the U.S. Secret Service, the fraud began when two men who are believed to be part of a larger fraud ring recruited one of the servers and provided her with a device known as a skimmer, which captures credit-card numbers. The server, Nicole L. Ward, then allegedly recruited two of her colleagues at the restaurant to steal credit-card numbers for the fraud ring as well. After stealing the credit-card numbers, Ward then allegedly passed the skimmers off to her contacts in the fraud ring, who used the data to create fake cards and purchase gift cards and other merchandise in the Washington, D.C., area. By the time the fraud was uncovered by investigators at Citibank, more than $117,000 in fraudulent charges had been made to the stolen accounts. Ward has been charged conspiring to commit bank fraud. The other two servers are cooperating with the investigation.

« Previous Entries