Brian Krebs has a piece reminding us that businesses don’t have the same protection as individuals when bank accounts are hit by fraud and/or when the cause of the breach is that the user’s system was infected by malware: A New York marketing firm that as recently as two weeks ago was preparing to be…
Month: February 2010
The Cost Of A Breach, Heartland Style: At Least $129 Million; Might Be $229 Million
Evan Schuman comments: In its latest financial report, Heartland Payment Systems reported that it dropped $129 million on data breach costs last year (an incident that briefly placed Heartland on Visa’s Bad Breach Boy list). The company added that it still has a reserve of $100 million for additional expenses. As a processor, Heartland’s pain…
OCR explains why it shielded names on published breach list
This week, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) began posting summaries of breach reports it has received as newly mandated by the HITECH Act. In commenting on the breaches, this site observed that some breaches simply stated “Private Practice” instead of the name of the…
Tennessee: No evidence stolen personal information being used, BlueCross says
Andy Sher reports: No identity theft or credit card fraud has been found stemming from the October theft of 57 computer hard drives containing BlueCross customers’ personal information, a company official told state lawmakers today. “No sir,” Clay Phillips, BlueCross’ director and associate general counsel for state affairs, told Sen. Ken Yager, R-Harriman. “We monitor…
UT: Payment card skimmer secretly planted in gas station pump
Dan Goodin reports on yet another skimming operation involving a gas station, this one in Utah: It was discovered in late January at a 7-Eleven in Sandy, Utah. Police said it may have been actively monitoring transactions for as long as 60 days. It resulted in losses of more than $11,000. Read more in The…
UK: Mortgage company accidentally discloses over 15,000 account details
The Information Commissioner’s Office (ICO) has found Redstone Mortgages Ltd in breach of the Data Protection Act (DPA) after personal information relating to 15,333 mortgage accounts was emailed to a member of the public by mistake. The information, which included personal data relating to individuals’ arrears or possession proceedings, was sent to Redstone’s head office…