Category Archives: Security

Testing group voids AP exams

The controversy reveals a brewing battle over governance by a private testing firm of its own methods:

An attorney representing ETS conceded that it was impossible to know whether students took advantage of the poor proctoring at the high school to cheat, but said it would be unfair to other AP test takers throughout the nation to allow their scores to stand.

“ETS is a testing service, not a law enforcement agency,” ETS attorney Bruce M. Berman wrote in a letter sent Monday to the attorney representing the students. “Thus, it is not required to prove that test takers cheated as a prerequisite to canceling scores. . . . . Individual attestations of innocence are irrelevant.”

Do they charge for a re-test? Was it the fault of the school, the proctor, or the testing group that gaps were found in security during the test?

Countrywide Breach

There is something really sad and ironic about the title “Countrywide Breach”. But the facts are the facts. There has been a Countrywide Breach in America. Two men are accused of conspicuously downloading all the Countrywide customer records over two years and selling them for relatively little ($70K).

The former employee, Rene L. Rebollo Jr., 36, of Pasadena, was charged with exceeding authorized access to the computer of a financial institution, the FBI said in a statement.

[…]

Rebollo would go into work on Sunday afternoons, log onto his company’s network and download the data onto flash drives, the complaint said.

Investigators believe he was selling the information to Siddiqi, who allegedly acted as a middle man for the companies that bought it, the complaint said.

The FBI says this was unauthorized and therefore a criminal act. That makes me wonder. I get notices about privacy practices all the time from Countrywide, (unfortunately) being a (vulnerable) customer of theirs, where they repeatedly warn me that if I do not actively tell them to protect my records they may be sold to other firms. I mean I am tempted to ask whether Rebollo is considered unauthorized only because he did not bother to pay Countrywide a portion of his revenue?

Are you surprised that the accused worked with the subprime mortgages:

Rebollo had access to Countrywide client information when he worked as a senior financial analyst for the subprime mortgage division, known as Full Spectrum Lending, according to the criminal complaint.

The bottom line here is that approximately 2 million records were sold (for $0.025/each, $500 for 20,000) over a 2 year period. The fact that this was done all via a flash drive on Sunday afternoons suggests it could have been detected easily and early. Was it an insider? A contractor? An outsider with inside connections? Who really cares about the perimeter anymore? The data flowed and the access was higher than roles apparently should have allowed over a long period of time.

Also interesting to note that Countrywide claims only 19,000 identities have really been compromised so far…but given 2 million records leaking over 2 years who would trust their own detection and accounting numbers?
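The detection point above (bulk copies to removable media, always on Sunday afternoons, repeated for two years) is simple enough to codify. The following is an added example, not code from the original post or from Countrywide: it assumes an endpoint audit log in a constructed line format and flags users whose large removable-media writes recur across several weekends.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample endpoint audit lines (not real Countrywide data). Assumed format:
# <ISO timestamp> user=<id> event=<type> dev=<device> records=<n>
SAMPLE_LOG = """\
2007-03-04T14:12:09 user=analyst17 event=removable_write dev=usb0 records=20000
2007-03-05T09:30:44 user=analyst17 event=db_export dev=- records=150
2007-03-11T13:58:21 user=analyst17 event=removable_write dev=usb0 records=20000
2007-03-12T11:02:10 user=clerk04 event=removable_write dev=usb1 records=40
2007-03-18T15:20:03 user=analyst17 event=removable_write dev=usb0 records=20000
2007-03-17T10:05:55 user=clerk04 event=removable_write dev=usb1 records=25
"""

LINE_RE = re.compile(r"^(\S+) user=(\S+) event=(\S+) dev=(\S+) records=(\d+)$")

def parse(log):
    """Yield (timestamp, user, event, device, records); skip malformed lines."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.fromisoformat(m.group(1))
            yield ts, m.group(2), m.group(3), m.group(4), int(m.group(5))

def flag_weekend_exfil(log, min_records=1000, min_weekends=2):
    """Return {user: (distinct_weekends, total_records)} for users whose removable-media
    writes fall on a weekend, move at least min_records rows per write, and recur
    across at least min_weekends distinct weekends."""
    weekends = defaultdict(set)
    totals = defaultdict(int)
    for ts, user, event, dev, records in parse(log):
        if event != "removable_write" or records < min_records:
            continue
        if ts.weekday() < 5:  # Monday=0 .. Friday=4 are business days
            continue
        # ISO weeks run Monday..Sunday, so Saturday and Sunday share one week number
        weekends[user].add(ts.isocalendar()[1])
        totals[user] += records
    return {u: (len(w), totals[u]) for u, w in weekends.items() if len(w) >= min_weekends}

if __name__ == "__main__":
    for user, (n, total) in flag_weekend_exfil(SAMPLE_LOG).items():
        print(f"{user}: {n} weekend removable-media dumps, {total} records")
```

The thresholds are deliberately parameters: a single weekend copy is noise, but the same account repeating a 20,000-row dump every Sunday is exactly the pattern the complaint describes.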

Perhaps that’s too much sarcasm for this morning. Need coffee…

Domestic Terrorism in Santa Cruz

Following on the heels of my post last week about the ongoing violence in America and the confusing definition of domestic terrorism, an attack in Santa Cruz has quickly been labeled by local police as a candidate for that definition:

Santa Cruz police officials said Sunday the case will be handed to the FBI to investigate as domestic terrorism while local authorities explore additional security measures for the 13 UCSC researchers listed in a threatening animal-rights pamphlet found in a downtown coffee shop last week.

“The FBI has additional resources and intelligence into groups and individuals that might have the proclivity to carry out this kind of activity,” police Capt. Steve Clark said. “The FBI has a whole other toolbox of tools for this kind of investigation.”

Nice quote Mr. Clark. I will have to remember to watch out for the toolbox of tools. That’s different than the toolbox of rubber ducks and fake mustaches that they use for cases deemed not to be terrorist related.

Dead Prez on Government

People often ask how to simplify compliance in information security and governance. They want to know if it can all be boiled together. I remember one CIO who said “just give me one list!”

I had put together a couple of slides on why this is an 80/20 question, never a perfect fit, but I like how the Dead Prez rhyme a similar answer:

“Crack is like a Democrat; Cocaine Republican; Marijuana Independent Party. Same government…”

I guess I’m intentionally being opaque on this to protect my own rhymes, besides the fact that theirs are probably better anyway. Imagine a board room where a security consultant performs a poetic recital of risks. Yeah, that’s what I’m talking about. It will be subtle, trust me.

Similarities and differences. Analysis is not synthesis.