Ektron was reportedly hacked on or around June 15. The firm reports that an unauthorized third party gained access to a file with 22 current and former employees’ personal information, including names, passport numbers, employee authorization cards, Social Security cards and/or immigration visas. Ektron, a privately held firm headquartered in Massachusetts, states that they learned…
Month: October 2013
Colonial Properties Trust reports malware breach
Sometimes, despite your best efforts to deal with a malware problem, the system can be re-infected, as Birmingham-based Colonial Properties Trust learned back in April and May. CPT reports that they promptly contacted a forensics firm after detecting malware on their system, and within three days of detection, the malware had been eradicated. One week later,…
Executive Accounting Services notifies clients of security breach involving their personal and banking information
Executive Accounting Services, Inc. is a Raleigh, North Carolina firm that provides payroll and tax preparation services to clients. As such, it maintains information on the clients’ employees, including names, postal and email addresses, checking and savings account numbers, telephone or cell numbers, and Social Security numbers. On September 17, EAS was notified by some…
Privacy breach at Northern Inyo Hospital could result in criminal charges
From today’s Inyo Register in Bishop, California: Local law enforcement has opened an investigation into the theft of medical records from Northern Inyo Hospital in a case that has shaken community members and NIH itself. This past summer, hospital officials noticed that an employee in the records department had illegally obtained and was in possession…
Ouidad notifies customers after customer data viewed or obtained
Hair care product manufacturer and e-tailer Ouidad is notifying customers that they were recently alerted to a compromise of their customer database that occurred between June 30 and July 4. In a letter to those affected, they write: It appears the attackers obtained or viewed information about one or more transactions you completed at Ouidad.com…
French Data Protection Authority CNIL Announces New Online Notification Procedure For Reporting Data Breaches
Cynthia O’Donoghue and Daniel Kadar write: France’s data protection authority, the Commission Nationale De L’informatique et Des Libertés (CNIL), released a new mandatory online notification procedure for French electronic communications service providers (Providers) to rapidly report data breaches to CNIL in compliance with new EC Regulation (No.611/2013) (the Regulation). Any data breach must be reported to CNIL via a…