I don't have all the details, but it looks like an employee at one of the hospital's vendors did something really stupid:
A medical privacy breach led to the public posting on a commercial Web site of data for 20,000 emergency room patients at Stanford Hospital in Palo Alto, Calif., including names and diagnosis codes, the hospital has confirmed. The information stayed online for nearly a year.
Since discovering the breach last month, the hospital has been investigating how a detailed spreadsheet made its way from one of its vendors, a billing contractor identified as Multi-Specialty Collection Services, to a Web site called Student of Fortune, which allows students to solicit paid assistance with their schoolwork.
Gary Migdol, a spokesman for Stanford Hospital and Clinics, said the spreadsheet first appeared on the site on Sept. 9, 2010, as an attachment to a question about how to convert the data into a bar graph.
One can easily see how this happened: someone on the billing contractor's staff was taking a class of some kind and decided to use real, live, HIPAA-protected data for a project. My law-school Wills instructor, Jerry Leitner, would explain this by the "omnibus explanation," the thing that explains nearly every human endeavor that ends badly: stupidity.
The article mentions Stanford got fined $250,000 from the breach. I wonder if they'll be able to get a contribution award from the contractor?
Gulliver this afternoon examines whether we might want to examine them:
A new academic paper [PDF] from John Mueller (of The Ohio State University) and Mark Stewart (of the University of Newcastle in Australia) attempts to determine whether the return on investment justified those huge expenditures. ... [T]he findings in this paper are truly remarkable. By 2008, according to the authors, America's spending on counterterrorism outpaced all anti-crime spending by some $15 billion. Messrs Mueller and Stewart do not even include things like the wars in Iraq and Afghanistan (which they call "certainly terrorism-determined") in their trillion-plus tally.
"[A] most common misjudgment has been to embrace extreme events as harbingers presaging a dire departure from historical patterns. In the months and then years after 9/11, as noted at the outset, it was almost universally assumed that the terrorist event was a harbinger rather than an aberration. There were similar reactions to Timothy McVeigh’s 1995 truck bomb attack in Oklahoma City as concerns about a repetition soared. And in 1996, shortly after the terrorist group Aum Shinrikyo set off deadly gas in a Tokyo subway station, one of terrorism studies' top gurus, Walter Laqueur, assured the world that some terrorist groups 'almost certainly' will use weapons of mass destruction 'in the foreseeable future.' Presumably any future foreseeable in 1996 is now history, and Laqueur’s near 'certainty' has yet to occur."
The paper also found that anti-terror spending has outpaced anti-crime spending by some $15 bn, despite crime costing society significantly more. The paper doesn't go into the politics of why this might be so, but I'll hazard a guess that cutting crime benefits more people a little while spending on anti-terror measures benefits a few people quite a bit. Lowering the likelihood that my car will suffer $300 in damage from a break-in has less immediacy than a $30m contract for a new security gadget would were I in that line of business.
Via Bruce Schneier, the author of How the End Begins describes how no one can ever be absolutely certain an order to destroy civilization is authentic:
Can the president start a nuclear war on his own authority—his own whim or will—alone? The way Brigadier Gen. Jack D. Ripper did in Dr. Strangelove? What if a president went off his meds, as we'd say today, and decided to pull a Ripper himself? Or what if a Ripper-type madman succeeded in sending a falsely authenticated launch order? You're about to kill 10 million people, after all.
Anyway, back down there in your launch capsule you might allow yourself to wonder: "This launch order, is this for real or for Nixon's indigestion?"
If you were asking yourself that question, you wouldn't be the only one. James Schlesinger, secretary of defense at that time, No. 2 in the nuclear chain of command, was reported to be so concerned about Nixon's behavior that he sent word down the chain of command that if anyone received any "unusual orders" from the president they should double-check with him before carrying them out.
So there you are, having just received the order to launch nuclear genocide. Should you suppress any doubts, twist your launch key in the slot simultaneously with your fellow crewman and send death hurtling toward millions of civilians halfway around the world? Without asking questions? That's what you're trained to do, not ask questions. Trainees who asked questions were supposed to be weeded out by the Air Force's "psychiatric consideration of human reliability" requirement. I've read this absurd Strangelovian document, which defined sane and reliable as being willing to kill 10 or 20 million people with the twist of a wrist, no questions asked.
Oh, yeah, I'll sleep well tonight.
Via Bruce Schneier, a retired CIA codebreaker recently decoded a message sent to Confederate Lt. Gen. John Pemberton in July 1863:
The encrypted, 6-line message was dated July 4, 1863, the date of Pemberton's surrender to Union forces led by Ulysses S. Grant, ending the Siege of Vicksburg in what historians say was a turning point midway into the Civil War.
The message is from a Confederate commander on the west side of the Mississippi River across from Pemberton.
"He's saying, 'I can't help you. I have no troops, I have no supplies, I have no way to get over there,'" Museum of the Confederacy collections manager Catherine M. Wright said of the author of the dispiriting message. "It was just another punctuation mark to just how desperate and dire everything was."
That day, 4 July 1863, the Union not only captured Vicksburg but also prevailed at Gettysburg. Historians generally agree the two victories effectively ended any possibility of the Confederacy winning the war, though they would continue to fight for another 20 months.
The full text of the message to Pemberton reads:
"Gen'l Pemberton:
You can expect no help from this side of the river. Let Gen'l Johnston know, if possible, when you can attack the same point on the enemy's lines. Inform me also and I will endeavor to make a diversion. I have sent some caps (explosive devices). I subjoin a despatch from General Johnston."
The last line, Wright said, seems to suggest a separate delivery to Pemberton would be the code to break the message.
The news story has more details about how they found the message, and how they broke the code.
I've recently had the opportunity to work on-site with a client who has a strong interest in protecting its customers' privacy. They have understandably strict policies regarding who can see what network data, who can get what access to which applications, etc. And they're interested in the physical security of their buildings.
At some point, however, process can stymie progress, and this client recently added a physical security measure that can stand as a proxy for everything else about how they function. Not content with having a full-time security guard at each lobby entrance, and with doors that require an ID to open, they now have a man-trap-style revolving door system. Only one person can enter the door at a time, or alarms sound. The doors move slowly enough that even the slowest walkers—and this is far Suburbistan, so there are many—can get through without hurrying. And to make extra-special-certain, these doors require a second ID badge.
Now, the client building is 30 km from the nearest city of any size, and that city doesn't even rank in the top 50 by population. In order to get to the building you have to drive some distance from anyplace you'd ever want to be, then cross a parking lot whose area, according to Google Maps, is four times greater than the building's footprint. In other words, they're protecting the building from...nobody. Nobody will ever lay siege to this place.
This aptly demonstrates the philosophy throughout the organization: they have immense barriers that have no purpose except to prevent any actual work from happening. My effort for this particular client lasted several long weeks and produced, in the end, about fifteen lines of code. They brought 60 developers onto the project to speed it up, with the result that 60 developers tripped over procedures and project management at immense cost to the company to produce something four guys in a garage could have done in the same length of time.
There's a punchline, a poignant one for the day after Elizabeth Edwards died: the client is a major health-insurance company.
Do you want to know why the U.S. spends more on health care than any other country? I think I have the answer.
N.B.: The title of this post comes from one of my favorite quotes, usually ascribed to Napoleon Bonaparte but probably coined by Robert Heinlein: "Never attribute to malice that which is adequately explained by stupidity."
Via Schneier, the Department of Homeland Security will soon get rid of color-coded warnings:
In an interview on “The Daily Show” last year, the homeland security chief, Janet Napolitano, said the department was “revisiting the whole issue of color codes and schemes as to whether, you know, these things really communicate anything to the American people any more.”
The answer, apparently, is no.
The Homeland Security Department said the colors would be replaced with a new system — recommendations are still under review — that should provide more clarity and guidance. The change was first reported by The Associated Press.
I wonder what that guy at O'Hare—the one who says "The current threat advisory level is orange" all day—I wonder what he'll do now?
Security guru Bruce Schneier has great advice about when to change your passwords:
The primary reason to give an authentication credential -- not just a password, but any authentication credential -- an expiration date is to limit the amount of time a lost, stolen, or forged credential can be used by someone else. If a membership card expires after a year, then if someone steals that card he can at most get a year's worth of benefit out of it. After that, it's useless.
... An attacker who gets the password to your bank account by guessing or stealing it isn't going to eavesdrop. He's going to transfer money out of your account -- and then you're going to notice. In this case, it doesn't make a lot of sense to change your password regularly -- but it's vital to change it immediately after the fraud occurs.
... So in general: you don't need to regularly change the password to your computer or online financial accounts (including the accounts at retail sites); definitely not for low-security accounts. You should change your corporate login password occasionally, and you need to take a good hard look at your friends, relatives, and paparazzi before deciding how often to change your Facebook password. But if you break up with someone you've shared a computer with, change them all.
A good friend woke up this morning to find her email and Facebook accounts hacked, with a message sent out to everyone in her address book that she'd been robbed at gunpoint while visiting London and desperately needed a credit card to get on the plane back home.
Other than the story's baseline implausibility (a gun robbery in London being about as likely as getting trampled by a moose in Atlanta), there were other clues it was a phisher. For one thing, my friend is an American lawyer, not a Nigerian criminal, so she has a direct, concise, and moreover punctuated writing style not immediately in evidence in the phishing message.
The take-away, to all the would-be phishers reading this: you'll get farther with your frauds if you learn better English. Next time, instead of asking for credit-card numbers, write this: "Help! I am being held captive unless I can draft a 500-word essay on epistemology, and they'll only allow me one reference book! Please, I'm desperate, send me Strunk and White before I use unnecessary words!"
Oh, and also try hacking your victim's spouse's account, which will make it harder for people to verify the dodge.
Waaaaay back in ancient history, I actually reported a Nigerian scammer to the FBI. This was, oh, 1997 or so, maybe 1998. The FBI already had a cybercrimes unit in San Francisco, and I had a half-hour conversation with one of the agents there about a bizarre email I'd received from a Nigerian IP address. We actually did some IP tracing and header analysis on the email to determine its origin. Yes, the scam was that new.
Who was it that said, the more things change, the more they stay the same? Right:
OFFICER IN-CHARGE:
NAME: Mr. Robert Stephen Sien @
FBI UK Internet Fraud Watch/Alert
Phone: +44 792 457 7408
We are writing in response to our track light monitoring device which we received today in our office about your transactions.
The Federal Bureau Of Investigation (FBI) Washington DC, in conjunction with the Scotland Yard, Has screened through our various Monitoring Networks also our German counterpart the anti fraud unit reported that your identity/information was used to dupe a German Business man to the tune of $5 Million USD by some Africa/Nigerian Fraudsters.
After all the series of investigations conducted here in our office we tracked your record and we found out that you have never had any fraudulent case that may jeopardize your image and personality.
We have concluded our investigation and you have been approved to be compensated from the total amount recovered for scam victims compensation. So all you need to do right now in other to receive your compensation and clear your name from the list of these Con Men which has already been forwarded to our office is to secure the CLEAN BILL CERTIFICATE immediately.
This Certificate will clear your name from the scam list which will enable you receive the sum of $500,000.00 Usd compensation fund.
You are required to contact Robert S. Sien by email: rssien@aol.com with your full name and contact details for easy communication also to guild you on how to secure
the CLEAN BILL CERTIFICATE and claim your money.
THANKS FOR YOUR CO-OPERATION.
Robert Stephen Sien.
FBI SPECIAL AGENT
You know what tipped me off? What made me certain this was a 419 scammer? Because, you can see, it's quite well crafted, no loose ends, nothing to arouse suspicion.
What tipped me off was this:
When real FBI agents refer to their employer, they never capitalize "of".
It's obvious when you look at it.