Another day, another successful phishing scheme. In late afternoon on March 1, 2016, Main Line Health learned of a “spear phishing” incident that affected the personal information of all Main Line Health employees. Main Line Health immediately alerted federal authorities, including the IRS and FBI, regarding this incident and is cooperating with their investigation. No…
Month: March 2016
Eye Institute of Corpus Christi notifies patients of breach
Here’s yet another case where patients’ personal information and protected health information was stolen and used to solicit patients to another practice. The Eye Institute of Corpus Christi, through its external counsel, disclosed that on January 6, they learned that individuals associated with doctors formerly employed by the Eye Institute copied the patient database and provided…
Hackers claim Bank of North Dakota hacked
@hackinyolife (“Fear”) has posted data and a claim that the Bank of North Dakota was hacked by members of @TheFamilyMethod The transaction logs dumped in a paste include fields like “ACCOUNT, ACCOUNT NAME, AMOUNT, AUTH CODE, AVS, BRAND, CARD ENDING, CVD, FIRST NAME, LAST NAME, MERCHANT TRANS. ID, OPTION CODE, DATE, TXN ID, CONF. NO.,…
Bailey’s notifies 15,000 online customers of payment card breach
It’s not enough I come across a payment card breach notification with a lot of detail, so I was surprised to read a notification of an e-commerce breach from Bailey’s to the Oregon Attorney General’s Office that provided so much information. Look at the first few paragraphs of the timber harvest gear firm’s notification. It includes the date…
Central Concrete Supply notifies employees of breach involving W-2’s
Another business discloses a breach that sounds like it might have been another business email compromise (impersonation) scam: We are writing to tell you about a data security incident that may have exposed some of your personal information as an employee of Central Concrete Supply Co., Inc., Right Away Redy Mix, Inc., or Rock Transport, Inc….
US Debuts ‘Hack the Pentagon’ Bug Bounty
Tara Seals reports: Announcing what it calls “the first cyber bug bounty program in the history of the federal government,” the Department of Defense is inviting hackers to test the department’s cybersecurity profile. The Hack the Pentagon initiative is a pilot program that will use commercial sector crowdsourcing to uncover vulnerabilities and probe around for flaws on…