What’s concerning about is that the officer was reportedly able to access juveniles’ information without being traced. And this was not the first time this has happened - in 2010, there was a similar case.
"This is not the first time we’ve seen the DJJ database misused for tax refund fraud scheme. One can reasonably ask why the agency didn’t harden its access controls and security after the first report and why this was able to happen again."The DJJ maintains a database of current and former probationers but only recorded when someone accessed a specific probationer’s full report. The system, though, did not record when someone logged in and conducted a search.
- Office of Inadequate Security
Clearly, a proactive approach to detecting which data even authorized users are accessing is needed.
Download a white paper on data privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) FL Probation Officer Accused of Milking Records for Tax Fraud - Databreaches.net, 03/24/2013
(b) Probation Officer Accused of Milking Records for Data - Tampa Bay Online, 03/22/2013
(c) FL: Feds Say Clay Man Took IRS for Millions After State Computers Tapped - Databreaches.net, 09/2010