#RSS [Type=count&ClientType=2&AdID=203189&FlightID=125374&TargetID=10593&SiteID=2 22&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,6172,7119,14542&T argets=2625,2878,4935,7018,10593&Values=34,46,51,63,77,87,93,102,140,222,227 ,283,442,733,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,276 2,3216,3235,3347,3552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues =&random=bhtmoyx,bekWhgIWrpypd] IT Salary Survey. Discover what you're worth in today's technology market. Find out FREE today! Guide to the TechWeb Network * White Papers | * Blogs | * Video | * Events | * Webcasts | * Newsletters | * Feeds | * What's Hot Digital Library TechWeb Digital Library InformationWeek Blog | Wall Street and Technology Blog | Light Reading Blog TechWeb TV InformationWeek 500 Conference | Interop New York | Web 2.0 Summit TechWebCasts InformationWeek Newsletters | Blog Newsletter | Intelligent Enterprise Newsletters RSS | Facebook | Twitter | iGoogle Gadget InformationWeek Mobile | Blogs Newsletter [Type=count&ClientType=2&AdID=201770&FlightID=124325&TargetID=147&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=96,115,2549,2686,2845,3108,34 48,7547,8877,12614,13943,13985,14402,14497,14514&Targets=147,315,2164,2625,2 878,5859,6529,10592,10068,10537,10640&Values=34,46,51,63,77,87,93,102,140,20 3,222,227,283,442,733,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678 ,2727,2762,3235,3347,3552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawVa lues=&random=bKcvNpn,bekWhgIWrfdss] [Type=count&ClientType=2&AdID=125682&FlightID=75634&TargetID=2625&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448&Targets=2625,2878&V alues=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255,1766,1785,1798,1 830,1925,2299,2310,2352,2678,2727,2762,3235,3347,3552,4079,6356,6359,6393,64 40,6489,6502,6541,6567,6577&RawValues=&random=bmomNuo,bekWhgIWrfdst] _________________________________________________________________ Welcome Guest. | Log In| Register | Membership Benefits InformationWeek Defining The Business Value Of Technology Part of the TechWeb Business Technology Network Information Week Defining The Business Value Of Technology InformationWeek 500 Conference -- Register -- September 14-16, 2008 Powered by InformationWeek Business Technology Network ____________________ Go * RSS Feeds * Subscribe * Events * White Papers * News * Blogs * Software * Security * Hardware * Mobility * Windows * Internet * CIO Central * Reports & Analytics * Careers * Privacy * Attacks/breaches * Vulnerabilities * Application Security * End User/Client Security * Perimeter Security * Security Administration/Management * * Storage Security * Encryption * Security Reviews * All Security Stories * Security Blog * Security Discussions Email this page E-mail this page | Print Print this page | Bookmark and Share Princeton Review Security Flaw Outed By Competitor One file reportedly contained information about 34,000 students and another contained names and birth dates of 74,000 students. By Thomas Claburn InformationWeek August 20, 2008 06:00 AM The Princeton Review, an educational testing company, inadvertently exposed the personal data and test scores of tens of thousands of Florida students on its Web site, according to a report in The New York Times. A spokesperson for The Princeton Review said the company has launched an internal investigation and declined to comment further. More Security Insights White Papers * Controller Based Encryption * A Process-based Approach to Protecting Privileged Accounts: An Introduction to Symark PowerKeeper Webcasts * Trusted Information Fueling Growth and Reducing Risk in Financial Services * Web 2.0: Business Opportunity or Security Threat? Reports * What To Do When Your Security's Breached * Rolling Review: Microsoft NAP According to The New York Times, a Web site configuration flaw made hundreds of files on the Princeton Review's Web site accessible over the Internet. One file reportedly contained information about 34,000 students and another contained names and birth dates of 74,000 students. The Times said that it informed the Princeton Review of the problem on Monday and that the testing service promptly closed the hole. Such breaches are not uncommon: There were 446 publicly reported breaches in the U.S. in 2007 and some experts suggest that as few as 5% of breaches get publicly reported. To find out more about managing risk this year, InformationWeek quizzed nearly 2,000 IT professionals about their plans and priorities for securing their companies' assets. Download the 2008 report here (registration required). Indeed, hardly a week goes by without the report of a data breach. On Monday, Richmond, Va.-based Dominion Enterprises disclosed that a computer in its InterActive Financial Marketing Group division was accessed by a hacker between November 2007 and February 2008. As a result, the names, addresses, birth dates, and Social Security numbers of the company's more than 92,000 online credit seekers may have been exposed. "We have identified what system was compromised and how," a company spokesperson said in an e-mail. "In order to best protect our security systems, I cannot share more details with you about the intrusion." And on Tuesday, The Irish Times reported that the personal details of 17,000 members of the Institute of Chartered Accountants in Ireland were inadvertently published online as a result of a Web site redesign. The good news for those affected is that the Government Accountability Office last year found that data breaches seldom lead to identity theft. Out of the 24 largest publicly reported breaches between January 2000 and June 2005, the GAO found evidence of fraud in three of the incidents and evidence of unauthorized account creation in one of the incidents. What's remarkable about the Princeton Review breach is that one of the testing company's competitors told The New York Times about the hole, under the condition that it not be named. "It's interesting that this competitor chose to go to a major media outlet about this rather than drop a quiet note to the Princeton Review," said Graham Cluley, senior technology consultant at Sophos, a message security firm. "Clearly they were intending to get some commercial advantage out of this. I think there's a message here for other companies: It's not just hackers that may find a security hole; it's competitors, too." Phil Neray, VP marketing at Guardium, a database security firm, remains skeptical that other companies are likely to engage in the counter-marketing of rivals. He said it would be hard for him to imagine that, for example, Dell might point out a security hole in HP's Web site. "It sounds like [the testing industry] is a very competitive industry and that's why this happened there," he said. Cluley said that companies need to understand that if they have sensitive information, they need to take steps to protect it. He added that companies should really only collect information they need and that they should delete data after it is no longer needed. According to Neray, the problem lies in management. "Boards of directors and management teams have not made [data protection] a priority in many, many companies," he said. "The reason why this has to come from the top is that in many cases you're asking business units to change bad business practices. And you need budgets [to invest in database protection]." [xml.gif] Subscribe to RSS Bitty Browser (JavaScript required) [Type=count&ClientType=2&AdID=160620&FlightID=97385&TargetID=9578&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,11291,12119,12681,1 3386&Targets=2625,2878,7904,9578&Values=34,46,51,63,77,87,93,102,140,222,227 ,283,442,733,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,276 2,3235,3347,3552,4079,4482,6356,6359,6393,6440,6489,6502,6541,6567&RawValues =&random=biRIczm,bekWhgIWrpype] » Write To Editor » Reprint This Article » Download Top Reports Advertisement [Type=count&ClientType=2&AdID=203837&FlightID=125975&TargetID=10600&SiteID=2 22&AffiliateID=283&EntityDefResetFlag=0&Segments=759,1892,3108,3448,10797,12 178,13984,14404,14494&Targets=585,1491,10600,2625,2878,10070&Values=34,46,51 ,63,77,87,93,102,140,222,227,283,442,733,1255,1405,1766,1785,1798,1830,1925, 2299,2310,2352,2678,2727,2762,3235,3347,3380,3552,4079,6356,6359,6393,6440,6 489,6502,6541,6567&RawValues=&random=bhrklsb,bekWhgIWrfdsu] Web Security SaaS IDC Research [Type=count&ClientType=2&AdID=199715&FlightID=122919&TargetID=4319&SiteID=22 2&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,5163,5323&Targets= 2625,2878,4319&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255, 1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,2910,3235,3347,3 552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=KnAsrW,be kWhgIWrpypf] [spacer.gif] Low-latency to support trading, risk and compliance apps/A> [Type=count&ClientType=2&AdID=201643&FlightID=124211&TargetID=4318&SiteID=2 22&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,5164,5324,12179&T argets=2625,2878,4318&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,73 3,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,2911,3235 ,3347,3552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=ot qygr,bekWhgIWrfdsw] [spacer.gif] Unstrung: The worldwide source for analysis of the global wireless economy [Type=count&ClientType=2&AdID=103181&FlightID=61855&TargetID=4322&SiteID=22 2&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,5165,5325&Targets= 2625,2878,4322&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255, 1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,2912,3235,3347,3 552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=brkWamh,b ekWhgIWrpypg] [spacer.gif] Podcast: Bank of America uses BPM to create financial products [Type=count&ClientType=2&AdID=200510&FlightID=123333&TargetID=4321&SiteID=22 2&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,5166,5326&Targets= 2625,2878,4321&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255, 1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,2913,3235,3347,3 552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=bIjvjcd,b ekWhgIyActN] [spacer.gif] Download free white papers and research from TechWeb Briefing Centers [Type=count&ClientType=2&AdID=99001&FlightID=59362&TargetID=4320&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,5167,5327&Targets=2 625,2878,4320&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255,1 405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,2914,3235,3347,35 52,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=bIRgoxa,be kWhgIWrfdsy] [spacer.gif] _________________________________________________________________ CAREER CENTER Ready to take that job and shove it? Open | Close TechCareers SEARCH Function: [Information Technology] Keyword(s): _________________________ State: ________ Go Post Your Resume Employers Area News & Features Blogs & Forums Career Resources Browse By: State | City SPONSOR [Type=count&ClientType=2&AdID=185948&FlightID=110665&TargetID=8182&SiteID=22 2&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,11576&Targets=2625 ,2878,8182&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255,1715 ,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,3235,3347,3552,4079, 6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=rjjaxg,bekWhgNWvnt pq] RECENT JOB POSTINGS Featured Jobs: UC Berkeley seeking Helpdesk Team Lead in Berkeley, CA Hebrew SeniorLife seeking Telecommunication Analyst in Boston, MA Novant Health seeking Chief Technology Officer in Charlotte, NC ISES, Inc. seeking SAS Oracle Clinical Developer in Clinton, NJ Lowe's seeking Network Engineer II in Mooresville, NC For more great jobs, career-related news, features and services, please visit our Career Center. CAREER NEWS 10 Search Engines You Don't Know About Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast. Yahoo Profits Fall 23%, Cuts 1,000 Jobs Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees. More articles from our career center Featured Security White Paper What's the State of E-Mail Security? Download Google and TechWeb Report Cloud computing is a simple, reliable and effective way to address e-mail and web security and message compliance. Nearly 15% surveyed by Google and TechWeb have gravitated to an in-the-cloud model as one tool in their arsenal to combat spam, viruses and phishing attacks. Learn why. Download the State of E-Mail Security Report. read more The Latest Security News * Google Updates Android SDK With Version 0.9 * Google Wants The Airwaves more Security articles [Type=count&ClientType=2&AdID=201338&FlightID=96263&TargetID=10070&SiteID=22 2&AffiliateID=283&EntityDefResetFlag=0&Segments=759,2687,3108,3448,7773,8257 ,12504,13984,14404,14515&Targets=585,2625,2878,5855,10575,10070&Values=34,46 ,51,63,77,87,93,102,140,222,227,283,399,442,733,1255,1405,1766,1785,1798,183 0,1925,2299,2310,2352,2678,2727,2762,3235,3347,3552,4079,6356,6359,6393,6489 ,6502,6541,6567&RawValues=&random=btmrgob,bekWhgIWrpypb] [Type=count&ClientType=2&AdID=125688&FlightID=75640&TargetID=2878&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,10577,11687,14404,1 4494&Targets=2625,2878,8255&Values=34,46,51,63,77,87,93,102,140,222,227,283, 442,733,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,323 5,3347,3552,4059,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&ran dom=RvAijj,bekWhgNWrpyps] [Type=count&ClientType=2&AdID=197183&FlightID=121133&TargetID=347&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=97,118,2847,3108,3448,8879,13 986,14405,14496&Targets=146,347,2625,2878,6527,10071,10470&Values=34,46,51,6 3,77,87,93,102,140,205,222,227,283,442,733,1255,1405,1766,1785,1798,1830,192 5,2299,2310,2352,2678,2727,2762,3235,3347,3552,4079,6356,6359,6393,6440,6489 ,6502,6541,6567&RawValues=&random=cemjxvf,bekWhgNwIWgIg] [EMBED] See Image Galleries Subscription Info Apply for a free 52-week subscription to InformationWeek (a $199 value) Last Name: ____________________ First Name: ____________________ Title: ____________________ Company Name: ____________________ City: ____________________ Business Address: ____________________ Zip: ____________________ State: [SELECT STATE............] Continue Email Address: __________________ NOTE: Offer valid for U.S., U.S. possessions, & Canada only _________________________________________________________________ IFRAME: http://ad.doubleclick.net/adi/N4914.CMP.com/B2768876.5;sz=728x90;ord=bmpribh ,bekWhgNWrfdth? Click Here [Type=count&ClientType=2&AdID=197895&FlightID=121566&TargetID=10484&SiteID=2 22&AffiliateID=283&EntityDefResetFlag=0&Segments=98,116,2685,2844,3108,3448, 7550,12861,13942,13987,14403,14493,14516&Targets=145,321,2625,2878,10069,104 84,10556&Values=34,46,51,63,77,87,93,102,140,204,222,227,283,442,733,1255,14 05,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,3235,3347,3552,407 9,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=bmpribh,bekWhgNW rfdth] _________________________________________________________________ [techheadr.gif] InformationWeek Business Technology Network InformationWeek InformationWeek 500 InformationWeek 500 Conference InformationWeek Analytics InformationWeek CIO InformationWeek Events InformationWeek Reports InformationWeek Magazine bMighty Byte and Switch Dark Reading Digital Library Intelligent Enterprise Internet Evolution Network Computing No Jitter space Techweb Events Network Interop VoiceCon Web 2.0 Expo Web 2.0 Summit Enterprise 2.0 Conference Mobile Business Expo Software Conference CSI - Computer Security Institute Black Hat GTEC Energy Camp Mashup Camp Startup Camp space Light Reading Communications Network Light Reading Light Reading Europe Unstrung Light Reading's Cable Digital News Constantinople Internet Evolution Heavy Reading Light Reading Live! Light Reading Insider Ethernet Expo Optical Expo Teleco TV Tower Technology Summit space Financial Technology Network Advanced Trading Bank Systems & Technology Insurance & Technology Wall Street & Technology Accelerating Wall Street Bank Systems & Technology Executive Summit Buyside Trading Summit Insurance & Technology Executive Summit space Microsoft Technology Network MSDN Magazine TechNet The Architecture Journal space * InformationWeek Home * News * Windows * Security * Mobility * Internet * Software * Hardware * CIO Central * Research & Tools * Careers * About Us * Contact Us * Current Issue * Back Issues * White Papers * Briefing Centers * Site Map * Technology Marketing Solutions * Editorial Calendar Terms of Service | Privacy Statement | Your California Privacy Rights | Copyright © 2008 United Business Media LLC, All rights reserved. [Type=count&ClientType=2&AdID=125688&FlightID=75640&TargetID=2878&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,4947,5344&Targets=2 625,2878&Values=34,46,51,63,77,87,93,102,140,222,227,283,442,733,1255,1405,1 766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2730,2762,3235,3347,3552,40 79,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=bAbxpbR,bekWhgN Wvntqa] [Type=count&ClientType=2&AdID=202653&FlightID=124326&TargetID=4076&SiteID=22 2&AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,4413,4794&Targets= 2625,2878,3644,4076&Values=34,46,51,63,77,87,93,102,140,222,227,265,283,442, 733,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727,2762,3235,33 47,3552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues=&random=bhIso Wd,bekWhgNWvntqb] [Type=count&ClientType=2&AdID=137989&FlightID=82541&TargetID=8522&SiteID=222 &AffiliateID=283&EntityDefResetFlag=0&Segments=3108,3448,11973,11986,12008,1 2009&Targets=2625,2878,8497,8522&Values=34,46,51,63,77,87,93,102,140,222,227 ,283,364,442,733,1255,1405,1766,1785,1798,1830,1925,2299,2310,2352,2678,2727 ,2762,3235,3347,3552,4079,6356,6359,6393,6440,6489,6502,6541,6567&RawValues= &random=befKAtk,bekWhgNWvntqc]