I posted a while ago on the casual way companies deny wrongdoing when they are admitting wrongdoing. Here are some more:
(From Adam Shostack’s blog, regarding a compromise at Stanford, and quoting the San Jose Mercury News, which I don’t currently have a subscription to.)
Computer System Hacked at Stanford
"University spokesman Jack Hubbard said there was no evidence that any data had actually been acquired by the hacker, but that the university is sending letters to about 9,600 clients of the career center and about 300 company recruiters to notify them about the security breach."
Bank of America, Wachovia Lift Estimate Of Stolen Information
"There are no signs that the purloined account information has been used for identity theft, in which another person’s information is used to open credit-card accounts or obtain loans. But the number of customers being notified that their information was illegally obtained and sold has climbed during the past 10 days, as the banks compare additional names and Social Security numbers turned over by police to their customer lists."
BYU Students Victim of Computer Hacker
"BYU Office of Information Technology employees say it appears to be the work of an "inside culprit" who they believe is more interested in mischief than identity theft."
Computer hacking affects 679 employees at IPFW
"They were unable to determine if the hackers actually swiped the information, but the opportunity to do so existed, said Jim Bottum, Purdue’s vice president for information technology."
"Investigators don’t have evidence that any personal information was taken for the server, but they’re urging everyone affected to put a fraud alert on their credit report to make they don’t fall victim to identity theft."
Hacker may have stolen Social Security numbers from Jackson Community College
"We don’t think that Social Security numbers have been compromised, but we don’t know for sure. We want to err on the side of caution," Jones said in a statement. "We don’t have any way of knowing what they have been able to do."
A Hacker Break-In Scrambles Kellogg
"No reports have yet surfaced of unauthorized use of personal information as a result of the security breach, says Keown. "It’s often very hard to tell what the original motives of attacks like these are. However, our investigation has identified patterns of the hacker’s behavior that suggest the servers were not targeted to obtain personal information," he adds."