Interesting Security Issues to watch

Two interesting stories dealing with companies and consumers reached the surface this week. The first has to deal with Choicepoint PRG, which is a company that is generally used by companies to do background checks on prospective employees among other features. Apparently, they opened business accounts to members of the criminal element, which allowed them to access a ton of information about people. Choicepoint has notified by letter 35,000 customers in California (as required by California Statue) about the possible compromise of their data. Some estimates say that as many as 110,000 people might be affected nationwide. There has been over 700 cases of identity theft because of this data compromise. The Reuters article can be found here.

The other article comes from the "You have to be kidding me file." A man in South Florida is suing Bank of America for the $90,000 in losses he incurred because of a trojan program on his computer. The trojan had a keystroke component, which allowed the program creator to gain passwords and to wire monies to Latvia. The core of the case is that B of A did not inform customers about the possibilities that this trojan may affect them. At what point is a company doing business with you responsible for disclosing the possibility that a security threat (worm, virus, or trojan) can put your data at risk, especially if the threat lives on your computer. Businesses have plenty of threats to combat without making sure that you are running anti-spyware, anti-virus, and a firewall on your personal computer. A loss by B of A in this matter might limit businesses interest in using the internet as a mode of commerce, as no one will want to accept the risk of some moron who can't keep malware off of his computer suing them for not telling him/her he should be running personal computer security software.