« Quote of the Day | Main | IT Security Barney Fief Award UPDATE »

August 01, 2005

Today's IT Security Barney Fief Award

How much private information now at risk in New Jersey?

 

 

Today’s award goes to the State of New Jersey and the folks who run their website and IT department.

 

For several weeks now their website has been compromised, hijacked and used to send reams of comment spam out across the world wide web to likely a myriad of unsuspecting blogs. If such a blog is unprotected against said spam, its owner will discover a slew of uninvited comments and pings pointing the user to various dubious vice-centric websites likely run by the same hacker who compromised New Jersey’s servers in the first place. Or, for the blogger who has implemented spam-blocking policies, just an annoying use of bandwidth.

 

The State of New Jersey, like so many others such as the First National Bank of Santa Fe though seems not to care that its network systems (for example, sac-ce1.gsn.state.nj.us ) have been compromised. It has so far not responded to an e-mail I sent to them yesterday about the problem, nor has it taken any action to stop the spamming. Note to the State of New Jersey: bandwidth costs money, and it has not been unheard of to hold in such cases a negligent party legally responsible.

 

For residents, state employees, and truly anyone else doing business with the State of New Jersey, this concerns you as well. Since it is not apparently known by any to what extent its servers have been “owned” by those aforementioned hacker(s), your personal information, employment records and business transactions might all be out there in naked grandeur for all the world to see. Can we say identity theft? Politicians should be worried too, for more reasons than just an electorate angry over private confidentiality being truly violated by a state government which likes to champion its crusade for the “right to privacy” in so many public circles: their internal memos, e-mails and other things they’d rather the world not see may just so happen as well make their way before us at the most inopportune time – say during an election – creating potentially a bit of cruel irony for everyone involved.

 

We’ll let you know if we get a response from the state of New Jersey or whenever they finally get around to securing their servers.

 

Concerned citizens should contact their New Jersey state legislators here and their acting governor Richard J. Codey by visiting the governor's website or with the information below:

 

Governor's South Jersey Office
101 Haddon Avenue, Suite 15
Camden, NJ 08102
(856) 614-3200

Governor's North Jersey Office
153 Halsey Street, 7th Floor
Newark, NJ 07102
(973) 648-2640

 

 

Posted by Martin at August 1, 2005 07:26 PM

Comments