Maryland’s Attorney General’s list for 2015 contains over 500 breach reports, many of which were never covered by the media. Here are two involving health or medical entities or health data, followed by some from the education sector that you may not have known about: Dharani Jasthi DMD PC dba Today’s Dental Associates reported that they: received an…
Month: March 2016
FTC To Study Credit Card Industry Data Security Auditing
Note: The PCI DSS Council currently lists 346 qualified security assessors. It would be nice to know how the FTC picked the nine it’s questioning, and I’ve sent the FTC an inquiry about that. * * * The Federal Trade Commission has issued orders to nine companies requiring them to provide the agency with information on how…
Mounting phishing reports predict new tax refund fraud victims in 2016
It used to be that in February and March, we’d see a number of reports of breaches involving employees’ W-2 tax statements that were due to printing or mailing errors. This year, we’re seeing reports of W-2 data theft via phishing. Because a W-2 form provides the employee’s name, Social Security number, address, and earnings information for the…
TalkTalk chief signals change after cyber attack
Daniel Thomas reports: The damaging cyber attack on TalkTalk’s website last year will lead to a fundamental change in how the company operates, says chief executive Dido Harding, who signalled that chasing customers with low-cost offers would be tempered with greater responsibility. […] “It goes a lot deeper than security,” she says. “TalkTalk’s culture is one of…
Apple users targeted in first known Mac ransomware campaign
Jim Finkle reports: Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday. […] Palo Alto Threat Intelligence Director Ryan Olson said the “KeRanger” malware, which appeared on Friday,…
More than 2,500 General Communication, Inc. employees’ W-2 information stolen in phishing scam
KTVA in Anchorage reports: Information found on GCI employees’ W-2 forms was stolen in an apparent phishing scam in February, according to the company. In an email Friday, GCI President Greg Chapados explained the information was accessed by someone claiming to be an employee of GCI. The individual, purporting to be GCI’s chief financial officer,…