Dallas County Data Incident from Computers Sold at Auction

Dallas County Data Incident from Sold Computers

Background
Identity Theft Response Best Practices
Securely Wiping Computer Data

Background

Last month, Dallas County released a notice disclosing that Dallas County computers were sold at auction that did not have their hard drives securely wiped. The computers sold at auction included computers from Dallas County Sheriff’s Department and other Dallas County departments. The notice states that there could be personally identifiable information (PII), criminal records information, and protected health information (PHI) of Dallas County residents on these computers.
Dallas County set up a website to provide updates on the situation, started the process of recovering these computers, and set up a dedicated call center for individuals to call if they have questions.

Data Loss Prevention (DLP) focusses on preventing this type of accidental data disclosure. For enterprise environments, DLP strategy can be quite comprehensive and focuses on network, cloud, and endpoint data protection, along with various compliance requirements like PHI for HIPAA requirements. The more immediate and personal concern in this data loss incident is identity theft.

Identity Theft Response Best Practices

There a various steps that can be taken in response to identity theft. One way check if an email or phone has been part of data breach is to to check: https://haveibeenpwned.com/. Dallas County’s website also mentions that identity theft victims, under the Fair Credit Reporting Act, have additional rights including free credit file disclosure and the ability to place a fraud alert on a credit file. The Dallas County Data Incident notice lists these 5 best practices in response to a possible data breach incident:

Register for Identity Protection Services.
Review Your Accounts for Suspicious Activity
Order a Credit Report
Contact the Federal Trade Commission, Law Enforcement and Credit Bureaus
Request Fraud Alerts and Security Freezes

Securely Wiping Computer Data Best Practices

There are some common methods to securely wipe data before selling or disposing of a computer. Reinstalling a new operating system copy erases hard disk drive (HDD) data, but not solid-state drive (SSD) data. Encrypting SSD data prevents data recovery. Windows users can use BitLocker or Windows Device Encryption. BitLocker is a Windows encryption technology that protects data from unauthorized access.
Windows users can also wipe data on their computers with the “Recovery” and “Reset PC” options. Mac users can enable FileVault for data encryption and wipe data through the “Disk Utility” option.

Download our Capabilities Brief

Cybersecurity

News

Technology

Dallas County Data Incident from Sold Computers

Table of Contents

Background

Identity Theft Response Best Practices

Securely Wiping Computer Data Best Practices

Unveiling the Tools Behind Object Recognition: A Deep Dive into Deep Learning Equipment

Looking Back on 10 Cybersecurity Trends of 2023

The Role of Blockchain in File Sharing Security

KEV Catalog: Apache CouchDB Remote Privilege Escalation (CVE-2022-24706)

KEV Catalog: “Ghostcat” Apache Tomcat Improper Privilege Management Vulnerability (CVE-2020-1938)

KEV Catalog: “Drupalgeddon2”: Drupal Module Configuration Vulnerability CVE-2018-7600

KEV Catalog: “Spring4Shell” Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

KEV Catalog: Debian-specific Redis Server Lua Sandbox Escape Vulnerability (CVE-2022-0543)

KEV Catalog: Apache Airflow “Example DAG” Command Injection (CVE-2020-11978)

KEV Catalog: VMware Spring Cloud Gateway Code Injection Vulnerability (CVE-2022-22947)

KEV Catalog: VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability (CVE-2022-22963)

KEV Catalog: Red Hat Polkit “pwnkit” Out-of-Bounds Read and Write Vulnerability (CVE-2021-4034)

KEV Catalog: SaltStack Salt Authentication Bypass (CVE-2020-11651)

Ready For a Free Consultation For Any Size Solution?

Company

Services

Contact Us