Risk Factor iconRisk Factor

That Didn't Take Long: Hannaford Sued Over Data Breach

Lawyers are suing Hannaford Brothers supermarket chain for the data breach announced last week that that exposed 4.2 million credit and debit card numbers, as well as led to at least 1,800 fraud cases.

In a story in ComputerWorld, Philadelphia law firm Berger & Montague PC and attorney Samuel Lanham Jr. in Maine (so far) have filed class-action against the supermarket which is based in Scarborough, Maine. The story says that,"The class-action suit charges the company with negligence and breach of implied contract and seeks to recover any damages that might be caused to consumers as a result of the breach."

Hannaford can also expect requests for payments from financial institutions who have also been affected by the data breach, for example, any which has had to reissue credit cards to their customers.

Manipulating the London Stock Market for Fun & Profit


In the wake of the investment bank Bears Stearns' rapid meltdown, investors have been very worried about which bank may be next. This has created a perfect environment to play on those worries to cause havoc from which to profit by.

As you may recall, Bear Stearns denied rumors that there were any problems with its holdings and blamed its falling share price on unfounded speculation, all the way up until the day it was sold for a pittance.

So when rumors surfaced via e-mails to traders last Wednesday that HBOS (Halifax Bank of Scotland), Britain's largest mortgage lender, was in deep trouble, investors ran for the exits. At least one short seller supposedly made £100 million as HBOS stock fell 17%.

However, the rumor was deliberately planted, and now the authorities are trying to find out who started it. Few think they will be successful.

There is a detailed story in the London Telegraph about how at least one London-based hedge fund has been trying to manipulate the market in just this way. Undoubtedly, it isn't the only one, nor will this be the last time something like this occurs given the current market nervousness.

Possibly Coming to a Phone Near You

Nokia announced last week the winners of its annual, â''Mobile Rules!â'' competition, which gives awards to "innovative mobile business plans and cutting-edge applications, services and technologies from developers and entrepreneurs" from around the world.

The idea, as I understand it, is to encourage mainstream and entrepreneurial companies alike to come up with new applications for mobile phones. In Nokia's press release, Tom Libretto, Vice President, Forum Nokia is quoted as saying, â''Open platforms and the millions of smart phone devices available today are helping enable this new wave of entrepreneurs from around the globe to become drivers of the future global mobile marketplace through the innovative technologies, applications and business models they create today.â''

Distilling that marketing statement into something more understandable, what Nokia is saying is that: "Mobile phone customers are becoming smarter and more agile than we are in developing new applications and innovative uses of our phones. In fact, we have lost control of the direction of the market, so let's just sit back, help enable it and see where it takes us. If we provide smart phones with lots of capabilities, nice tools and open architectures for our customers to play with, our customers will create neat things that will likely make them (and others) buy our phones in the future."

The upside for Nokia for running the contest is to not only encourage this innovation, but to get a good look at what more innovative customers are doing with mobile phone technology. If what is created looks profitable, then Nokia is in a perfect position to enter collaborative deals with them.

There are some interesting ideas among the winners. Because of my interest in medical technology, I am a bit partial to the winner of the best business plan, MedApps, and the mobile wireless health monitoring system they are developing.

You can check out who all the winners are here.

UK Gov E-Crime Unit Too Expensive at $2 million


A story in ComputerWeekly says that UK Home Office minister Vernon Coakertold has informed the Association of Chief Police Officers (ACPO) that he did not have the £1.3 million to help kick-start the national e-crime unit.

According to the story, "ACPO has been pressing the government for £1.3m as seed capital for a 45-strong national e-crime unit, which would be funded jointly by the private sector. ACPO said it hoped the cash would give the private sector the confidence to contribute towards the £4.5m cost of the unit."

Last August, the House of Lords Science and Technology Committee issued a report demanding that the government do more about e-crime. A Home Office spokesperson responded when the report was published that the government was examining the report and would respond shortly.

The answer is now in.

I supposed it is a matter of the cost/benefit assessment: at least £2.4 billion losses in e-crime per annum against £1.3 million to help start a crime unit to investigate them still doesn't make the government's priority investment cut.

Sen. Obama's Passport Data Improperly Accessed

According to the Washington Times, two State Department contract workers "used their authorized computer network access to look up files within the department's consular affairs section, which processes and stores passport information, and read Mr. Obama's passport application and other records." The two were fired, and a third disciplined. Why the third person was disciplined rather than fired is not said.

According to the story, "Computer-monitoring equipment detected the activities by the three employees on Jan. 9, Feb. 21 and March 14, triggering alarms in each case." No reason was given why it took so long after the first or second alarm to take action, given the tight restrictions placed on accessing passport information of political candidates.

The FBI is now investigating.

This also happened in 1992 when State Department officials looked into then presidential candidate Bill Clinton's passport records.

Update: The AP is now (noon) reporting that Sen. Hillary Clinton's passport file was breached last year as well.

Update 1: Now (1230) Reuters reports that Sen. John McCain's passport files were also looked at.

These breaches will undoubtedly stir up a political hornet's nest.

V-22 Osprey Tiltrotor Needs a New Pair of Shoes (err, Engines)


Marine Col. M. D. Mulhern head of the V-22 Osprey program has said that the Rolls-Royce AE 1107C Liberty engines used to power the aircraft are wearing out faster than expected in a story that appeared in the Fort Worth Star Telegraph. This means that the Osprey, which took 25 years and over $20 billion to develop, finally becoming operational in 2006 and deploying to Iraq last October, may now need a new set of engines.

In a story over on Air Force magazine's website, it says that, "Several engine components are not enduring as long as originally predicted. Engine compressors especially are eroding earlier than expected due to power demands that force the engines to run hotter, Mulhern noted. New additions to the aircraft, such as a directional infrared countermeasures systems and forward firing gun, will add weight, thereby placing even more demand on the engines, Mulhern said."

Rolls Royce, on the other hand claims that the engines have "met or exceeded all performance specifications."

Philip Coyle, former chief of the Pentagon's weapons testing division, in a recent CNN story focused on how the Osprey is finding redemption in Iraq was quoted as saying, "It seems like every time one problem is fixed another one comes along, and I just don't think the program will be able to get over that."

"The program is like a bad poker hand. They keep putting money into it when they should have spent it on a new helicopter system."

Well, it is likely just too late now. DoD will not kill the program. The only question is how much money its going to take to buy 900 or so new engines.

The Australian Seasprite Story Ends


The newspaper The Australian reported today that the Australian government and Kaman, the US contractor for the ill-fated Seasprite helicopter program, have come to terms. The 11 not so Super Seasprites, spare parts and training equipment, are to be sold off and the government is to get at least AU$40 million guaranteed back from the sale.

Now, who is going to want to buy the Seasprites given they are unsafe to fly, well that is another story.

Siemens' Profits Down: IT Partly to Blame

Siemens AG announced that its first quarter profits would be about $1.4 billion lower than expected. Part of the reason was, as ComputerWorldUK explains, the cancellation of a major IT contract in the UK for the Department of Work and Pensions (DWP). In April 2004, Siemens was contracted to provide a a central payment system as well as provide ongoing management and maintenance through to 2010.

The DWP canceled the project because of some small problems with schedule and cost. The payment system was supposed to be completed by October 2006, but it slipped to December 2010.

Project costs also increased from £90 million budget to an estimated cost of £153 million.

Siemens also indicated that there were other problems with its IT units that are contributing to the profit warning.

GPS Says: Turn Left, Turn Right, Drive Off Cliff


The Wall Street Journal today has a story (subscription may be required) about GPS problems, like one driver that was directed to drive off a 200 foot cliff and another that directed the driver into oncoming traffic. The latter decided to name his GPS unit Christine after the possessed '58 Plymouth Fury in Stephen King's horror novel of the same name because he thinks the GPS is trying to kill him.

I ran a similar post about GPS problems in England a little while ago.

The WSJ story quotes Clifford Nass, a communication professor at Stanford University and author of two books titled, The Media Equation: How People Treat Computers, Television, and New Media Like Real People and Places and Wired for Speech: How Voice Activates and Advances the Human-Computer Relationship about how humans have a tendency to follow the instruction of machines over their common sense: "Rather than trust our judgment of nature, we let technology tell us what's going on."

I must remember that as it gets closer to the time for my children to learn how to drive, instead of just warning them not to blindly follow their friends' poor judgments, I need to add the phrase, "And if the GPS tells you to drive off a bridge, are you going to do it?"

You can listen to Professor Nass explain how we react to computerized speech here.

Data Stolen Again: This Time Grocer Hannaford Hit


Hannaford Brothers supermarket chain disclosed that it had a breach of its computer system beginning last December that exposed 4.2 million credit and debit card numbers, as well as led to at least 1,800 fraud cases, the Boston Globe reported today. The breach affected stores in five states - Maine, Massachusetts, New Hampshire, New York and Maine - and 270 of its stores. The breach wasn't suspected until February and continued until March of this year.

Unlike the TJX breach, Hannaford appeared to meet all the industry standards involving how customer data is supposed to be protected.

It hasn't been disclosed how customer information was compromised, but in a more detailed story at ComputerWorld, the speculation is that it was stolen in transit between Hannaford stores and the financial institutions that process the stores' credit/debit card transactions.

I don't know if this qualifies as the first million plus data breach in the US for 2008 since the breach began last year - if it counts, I guess we can ring the bell.

Also, Gregory Kopiloff was sentenced at the U.S. District Court in Seattle, Washington yesterday to four years in federal prison for using file-sharing software to steal at least 83 identities. It is the first federal case against those using file-sharing software for identity theft.


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Robert Charette
Spotsylvania, Va.
Willie D. Jones
New York City
Load More