Select * from tblVeterans
This might make impersonating a Airborne Ranger easier. Data disks of millions of veterans are stolen -- The Associated Press
MONDAY, MAY 22, 2006 WASHINGTON Personal data, including the Social Security numbers of 26.5 million U.S. veterans, were stolen from an employee of the Department of Veterans Affairs this month after he took computer disks home without authorization, the agency said Monday. The secretary for veterans affairs, Jim Nicholson, said there was no evidence so far that the burglars who robbed the employee's home had used the material - or even knew they had it. The employee, a data analyst whom Nicholson would not identify, has been placed on leave "pending the outcome of an investigation," the agency said on its Web site.
Professional database administrators know about things like granting permissions on tables and putting audit scripts in, the kind that send pager messages or emails to warn, for example, when somebody wants 26.5 million keys and related records. Normally one tries to restrict direct query access to a database to a chosen few; it being better to provide data access to users through an application front end. And you can control the living daylights out of a front end. It is good practice to provide select access through stored procedures or some similar mechanism where execute permissions can be assigned and where at least one can count the rowset requested before returning it. You want twenty six thousand records? Maybe and you'd log it. But somebody asking for twenty five million records and change -- the whole dataset -- would make you wonder.
How did this happen? In this case the robbery victim was a data analyst, somebody looking for trends in records. Maybe doing data mining. For a management report. So he had access in principle to the full set. And that's the problem with security schemes of all kinds. Friends often ask me if it is "safe" to transmit sensitive data over the Internet. My usual answer is that while there's some danger of a malicious application sweeping through the network the greatest danger is usually an employee at the other end who might leave the screen open on his account while going out to lunch. It's the trusted men who are vulnerable to misadventure or who may be seduced to betrayal. If you want the secrets of an organization, rob or suborn the men with access.