Elise Viebeck reports: Leaders on a top House committee are pushing the federal Health Department to change the way it identifies people on Medicare. To reduce the risk of identity theft, the Department of Health and Human Services (HHS) must remove Social Security numbers from the Medicare card, the GOP lawmakers charged Monday. Read more…
Month: October 2012
Data security flaws part of FTC complaint against Compete
The FTC has been active in going after companies that do not provide adequate data security. Today, they announced that Compete, Inc. had settled charges involving unfair or deceptive practices associated with collecting and sharing personal information of users. Of interest here, however, are the charges in the complaint that relate to data security: Compete’s…
ICO: Education ministry BROKE the Data Protection Act
Kelly Fiveash reports from the U.K.: The Department for Education broke the Data Protection Act after it exposed the email addresses, unencrypted passwords and sensitive answers of members of the public who filled in an online form about parental controls on the net, The Register can reveal. However – despite the breach – the Information Commissioner’s Office…
IE: Schools warned over IT risk as pupil accesses confidential files
Katherine Donnelly reports: Second-level schools have been told to step up their computer security after a pupil obtained a username and password that allowed access to confidential files. The problem has arisen over the use of generic usernames and passwords, which schools may make available to substitute teachers. The Department of Education alerted the Joint…
The Southern District of Florida Weighs In On Data Breach Lawsuits
A few months ago, I noted a lawsuit by a former Winn-Dixie employee against Purchasing Power. The complaint in Burrows v. Purchasing Power alleged that Winn-Dixie shared employee data with Purchasing Power to administer its employee benefits program, but also sent them data on employees not enrolled in the program. The complaint also alleged that although…
Statement from Punto.pe about recent breach that effects 90,000 clients details
Following yesterdays large leak of tens of thousands of client details from a peru based (.PE) domain and blog service website the company PUNTO has now released a statement. In the statement they explain that the hackers @LulzSecPeru had not gained access to the clients current access keys and had updated all users passwords as soon…