SecureState Blog

Read SecureState's award winning blog.

The Lame Man delves into the security breaches/stories for the past week and reveals the Good (attempt to find the good), Bad and oh so Ugly.

Good… Security breaches aren’t good… people lose their information, have the threat of identity theft, lose money and the all the other things that come along. But this story out of DC gets the pat on the back for the week. According to the Washington Post, the Social Security numbers of almost 4700 current and former Metro employees were posted on the agency’s website last month. It was a mistake made when the transit authority was soliciting possible workers’ comp. and risk management vendors. The good part of the breach comes here… Metro suspended the three workers responsible for the incident for one month without pay. It’s always good to hear that someone is being punished for their lack of common sense.

Bad… LPL Financial. The Boston-based broker-dealer reported that they began to take several steps to increase their data protection. This, after being breached for the second time in less than one year! The article, written in Investment News , says that the steps LPL is taking (since its first breach last July) to “beef up” its security includes: increasing the profile of data security within the company at all level, hiring a chief security/privacy officer and implementing a new information privacy and security program. Something tells me this plan isn’t working…

And the Ugly for this week comes from Washington and the Washington Education Association’s website which was brought down by Turkish hackers. Now, according to, the attack brought down several local teachers’ union affiliates. It goes on to say that the attack did not compromise any personal data… but the reason why this goes on as the ugly story for the week is that the association is still having problems, one month later! Oh and they still proudly display Hackers 1, WEA 0.