Computerworld reports today (May 15, 2008) that five federal workers at an Internal Revenue Service office in California have been charged with computer fraud for illegally accessing the confidential records of taxpayers.
Now this is the type of news that I hope we hear more about. Why is that, you might ask? Isn't this bad? We don't want IRS employee snooping into our tax records, do we?
Well, if you read the entire story linked above, this IS good news. So many times we hear about data breaches like this in a roundabout manner and it takes the impacted company a long time to figure things out. In this case, the offending workers "were caught by the IRS' own security system, which routinely audits employees' computer systems." Even more wonderful is the news that "(a)ll five are free awaiting court appearances."
Here we have an organization (the IRS) which implemented auditing and security systems to protect the data under the care. And the systems worked. They caught the perpetrators. This is better than hearing about a data breach that causes an organization to implement security and auditing procedures later - only after they've been hosed!