Anthony M. Freed of Information Security Resources reports that Visa has put Heartland Payment Systems on probation. As of February 11, 2009 Visa’s Global List of PCI DSS Validated Service Providers had asterisked Heartland Payment Systems as being under review. Heartland is not on the March 12th list. The following quotes from Visa’s announcement are…
Month: March 2009
Chicago Fire Department contractor’s laptop stolen (updated)
The Dezonia Group handles billing people for the Chicago Fire Department’s ambulance service. Dana Koslov of CBS in Chicago reports that the contractor reported that an employee’s laptop stolen six weeks ago contained the names, addresses, and Social Security numbers of thousands of people who used the ambulance service in the past two years. Update…
[CORRECTED] More on the Coleman campaign donor breach
The Minnesota Independent, which has been all over this breach since back in January, has a report from Chris Steller today which quotes the campaign web site privacy policy as it was in effect in January 2008 and as it is now. According to the news story, the site’s stated privacy policy in January read,…
Army database may have been breached
Doug Beizer of Federal Computer Week reports that an Army database containing personal information about nearly 1,600 soldiers involved with the Operation Tribute to Freedom program during the past five years may have been accessed by unauthorized users. The potentially compromised information does not include Social Security numbers, but does include names, phone numbers, addresses,…
Nature security breach prompts password reset
John Leyden of The Register reports: The website of science journal Nature has suffered a security breach that resulted in the potential exposure of users’ login credentials. The login credentials were stored in an encrypted form, making them hard to extract. But Nature.com has still opted to reset the passwords of affected users, as a…
UK: Children’s details published on website in council blunder
Annie Riddle of The Salisbury Journal reports that 146 special needs (i.e., special education) children had their personal details published on a Wiltshire County Council website. What makes this one worse is that the council had been alerted to the problem in 2004 and thought it had been taken care of back then. Two weeks…