As noted previously on this site, Point-Of-Sale (POS) vendor NEXTEP confirmed that they were investigating a potential breach after being notified by law enforcement that some of its customer locations had been compromised in a potentially wide-ranging credit card breach. Brian Krebs broke the story, here. Today, Compass Group USA submitted a copy of an April 16th notification…
Month: April 2015
SendGrid Update on Security Incident and Additional Security Measures
David Campbell of SendGrid provides an update on a breach I had missed. It’s a very well-written disclosure and update if anyone is looking for a good model. Here’s how it begins: On April 8, the SendGrid account of a Bitcoin-related customer was compromised and used to send phishing emails. We initially believed that this…
LabMD moves to disqualify Commissioner Ramirez from administrative case; also moves to dismiss entire case
As the administrative hearing in FTC v. LabMD gets closer to resuming, there have been two developments to note. The first is that LabMD has moved to disqualify Commissioner Edith Ramirez, alleging that she has been “irrevocably tainted and compromised” by her involvement in the FTC’s response to the House Oversight Committee’s investigation of Tiversa. I do not…
And then there were four five (Ascension Health entities breached)
Now that I know what I’m looking for, I’m finding more evidence of targeted email attacks affecting members of Ascension Health. For previous reports on this incident, read here and here. On March 16, Sacred Heart Health System in Florida posted this notice on their site about a breach they reported to HHS as affecting…
And then there were three (Ascension Health entities breached)
Now can I say, “I told you so?” When Ascension Health wouldn’t answer my question as to whether there were other members who had also had a phishing incident recently other than the two hospitals I had already reported on, I was even more suspicious. Then this afternoon, I discovered that St. Agnes Health Care,…
MASSIVE FAIL: Indian gov DOXXES net neutrality campaigners; Gets DDoSed by @opindia_revenge in response.
Alexander J. Martin reports: The Telecom Regulatory Authority of India has dumped more than a million Indian netizens’ traceable personal details online, after it decided to publish, in full, the emails it received as part of its consultation paper about net neutrality. Obviously deeply convinced by last week’s arguments for transparency in internet governance, the Telecom Regulatory…