White Lodging, an independent hotel management company, continues to struggle to really secure customer card data. Since January 2014, when Brian Krebs reported that White Lodging card data had been compromised for most of 2013, White Lodging has attempted to harden its security. In February 2014, the firm confirmed the suspected breach of point of sales…
Month: April 2015
AT&T To Pay $25M To Settle Investigation Into Three Data Breaches
If anyone doubted the FCC was serious about getting more into data breach/security enforcement, they should read this settlement with AT&T released today (pdf). From the order: 1. The Enforcement Bureau (Bureau) of the Federal Communications Commission (Commission) has entered into a Consent Decree to resolve its investigation into whether AT&T Services, Inc. (AT&T or Company)…
UK: Financial firms are responsible for data trading
Tony Hazell nails it in a column that begins: The revelation that intimate financial and medical details are being sold to firms with dubious intentions should have sent shockwaves through the financial community. But it probably will not. The Daily Mail last week revealed that financial details were being sold for as little as 5p…
Advocate Health patients ask Seventh Circuit to revive data breach lawsuit
There’s an update to another case I’ve been following. Although Advocate Health won dismissal of some lawsuits stemming from the theft of four laptops with information on over 4 million patients, plaintiffs have asked the Seventh Circuit for another bite of the apple under the Fair Credit Reporting Act (FCRA). So far, trying to litigate breaches…
PA: Couple gets prison time for tax refund fraud scheme that used Crozer-Chester patients’ information
There’s an update to a case I’ve been covering since March, 2013, when Rafael Henriquez Polanco and his wife, Yanira Lopez, were first charged in a tax refund fraud scheme. According to court records, as part of the scheme, they paid employees at Crozer-Chester Medical Center and Chester Community Hospital to provide them with identity information of 144 patients. The hospitals…
AU: Melbourne hacker admits to encouraging Indonesian hackers to DDoS Australian government websites
Steve Butcher reports that Mathew John Hutchison, age 21, pleaded guilty to charges of inciting others to commit an offense and to possessing a prohibited weapon. Hutchison’s criminal charges resulted from his engagement with Indonesian hackers who were attacking Australian sites in retaliation for revelations in documents leaked by Edward Snowden that Australia had spied on Indonesia. Hutchison…