Tag Archives: breach

Elwha River Busy Dumping a New Delta in Juan de Fuca Strait (Photo Gallery)

IMGP2614
IMGP2633
IMGP2669
IMGP2663
IMGP2665
IMGP2678
IMGP2676
IMGP2646
IMGP2706
IMGP2655

An Elwha River webcam (Photo: MvB)

Upstream on the Elwha River, nearer the Glines Canyon Dam (Photo: MvB)

Riverbank on the Elwha River, nearer the Glines Canyon Dam (Photo: MvB)

Every photo gallery needs some charismatic mega-fawn-a. (Photo: MvB)

Elwha riverbank tracks (Photo: MvB)

Elwha River's mouth sediment deposit (Photo: MvB)

Elwha River's mouth sediment deposit (Photo: MvB)

Love that dirty water (Photo: MvB)

Sand spit at Elwha River's mouth (Photo: MvB)

Sand spit at Elwha River's mouth (Photo: MvB)

Elwha River meeting Strait of Juan de Fuca currents (Photo: MvB)

Even in the Strait, the presence of Elwha silt is easily visible. (Photo: MvB)

IMGP2613 thumbnail
IMGP2614 thumbnail
IMGP2633 thumbnail
IMGP2669 thumbnail
IMGP2663 thumbnail
IMGP2665 thumbnail
IMGP2678 thumbnail
IMGP2676 thumbnail
IMGP2646 thumbnail
IMGP2706 thumbnail
IMGP2655 thumbnail

Tons and tons of sediment, built up behind Elwha and Glines Canyon dams over a century, have been sluiced away by the Elwha River so far, forming a widening sand spit at the river’s mouth, where it meets the Strait of Juan de Fuca. What the river is carrying away — mud, sand, gravel, cobbles, trees, tree stumps and branches — is staggering in its scope.

At one point, the build-up behind the dams was estimated at 18 million cubic yards, but scientists now say it’s more like 34 million: “enough to cover a football field with a 5.5 -mile-deep layer of silt, sand, gravel and cobbles.” The water today is just as gray and murky as it was almost a year ago (“Elwha River Gone Wild“), but gulls are now happily colonizing an extension of the peninsula that’s about one-third of a mile long.

You can learn more about the Elwha River Restoration project online, or by visiting the Klondike Gold Rush Museum (before the end of April, when the temporary exhibit closes). Follow along at home on webcam.

The Glines Canyon Dam’s removal has been delayed, thanks to the choking silt set free. As the Seattle Times reported:

Dam removal was put on hold last October until contractors make more than $1.4 million in emergency retrofits to the new $71.5 million Elwha Water Facilities plant. It was built as part of the dam-removal project, to clean sediment from the water supply to an industrial pulp and paper plant, a fish-rearing channel and a hatchery. But the plant failed during the first fall rains last October, when fish screens and pumps became clogged with leaves, twigs, branches and sediment.

The silt-charged water has been bad news for light-seeking kelp, but researchers think that the silt-and-sand mix will bring a crop of sea grass, which salmon like, and provide a spawning ground for other fish.

Upriver, in the areas behind the reservoirs, the Elwha revegetation crew in March sowed 1,400 pounds of native plant seeds (eight different native plants) in the sediment left behind. Downriver, the Elwha’s mouth — already a minor tourist attraction for birders and whale-watchers — is a vantage point for fans of newborn sand spits as well.

Health Net “Alerts” Customers to 6-Month-Old Data Breach

You're screwed, little kid. Good luck fixing your credit history!

I had to read the letter I got from Health Net about a possible data breach twice, for several reasons. First there was the notice that the incident was prior to January 21, 2011. That’s when “IBM informed us the company could not locate several hard disk drives that had been used in Health Net’s corporate servers….”

Notice that’s not when the hard drives went missing, necessarily, it’s when IBM told Health Net about it. The drives were decommissioned when  Health Net moved its data center operations in Rancho Cordova, CA, to IBM’s facility in Boulder, CO. Back in March, Health Net announced the “unaccounted-for server drives” contained information on “some” customers. (We’re going to come back to that “some.”)

Then there is the date of the letter actually informing me that I’m in the unaccounted-for pool: July 27, 2011. Six full months for data thieves, if that’s what happened, to get a head start on looting, with “details such as your name, address, health information, Social Security number and your financial information.”

Lastly, Health Net writes, they wanted to tell me about the incident–again, six months after a “continuing” investigation has been started–out of “an abundance of caution.” (Here, the ghost of Inigo Montoya whispers to me that he doesn’t think that phrase means what they think it means.)

What’s not in the letter? I’m glad you asked. The letter doesn’t admit that the hard drives contained data on some two million Health Net customers. (If you got your small business health insurance through Costco, as I did, then you have Health Net.) About 40,000 Washington residents had their data breached, and 130,000 Oregonians.

Also, Health Net initially told thousands of customers that their Social Security numbers were not on the drives, before confirming that, in fact, they were.

Nor does the letter mention that Health Net, in 2009, reported a breach involving 1.5 million customers. It also fails to mention that Health Net was sued by the Connecticut attorney general, in part, for taking six months to alert customers to that breach: “Even more alarming than the breach, Health Net downplayed and dismissed the danger to patients and consumers.”

It doesn’t seem like the lesson took. The Foley Hoag legal blog muses that if Health Net is penalized in proportion to Massachusetts General Hospital, the payout would $9 billion. Somewhat more than the two years of “free” identity fraud protection that Health Net is offering its customers through Debix.com.

QFC Parent Kroger Affected in Massive Email Breach

Over the weekend, I got an email from national grocery retailer Kroger that warned my name and email address had been compromised by a breach, and that I should be alert for any phishing scams that might result. Then I got another email alert. And another.

It’s part of what’s being called a “massive breach” of third-party online marketing firm Epsilon’s email database, one that includes email addresses from TiVo, US Bank, JPMorgan Chase, Capital One, Citi ,Home Shopping Network (HSN), Ameriprise Financial, LL Bean Visa Card, McKinsey & Company, Ritz-Carlton Rewards, Marriott Rewards, New York & Company, Brookstone, Walgreens, The College Board, Disney Destinations, Best Buy, and Robert Half Technologies.

For its part Kroger owns such grocery brands as City Market, Dillons, Jay C, Food 4 Less, Fred Meyer, Fry’s, King Soopers, QFC, Ralphs, and Smith’s.

Epsilon told the New York Times that just two percent of its 2,500-strong client base was affected, but that’s a little disingenuous given the size of the clients involved. What it has not disclosed is the actual number of email addresses stolen. Epsilon sends out some 40 billion emails a year, to give you an idea of the scope of their marketing.

SecurityWeek explains the value of the name and email address combination to the thieves:

Some may dismiss the type of data harvested as a minor threat, but having access to customer lists opens the opportunity for targeted phishing attacks to customers who expect communications from these brands. Being able to send a targeted phishing message to a bank customer and personally address them by name will certainly result in a much higher “hit rate” than a typical “blind” spamming campaign would yield.