Back in January, I noted that Lush Cosmetics had been hacked and customer data acquired and misused. The company reportedly only became aware of the breach after receiving reports from almost 100 customers who had become victims of card fraud. Today, the UK’s Information Commissioner’s Office revealed that Lush was required to sign an undertaking…
Author: Dissent
UK: Unencrypted laptops with patient data stolen from Harley Street Clinic results in undertaking
There was no press release on this one, but the UK’s ICO had HCA International Limited sign an undertaking following the theft of two unencrypted laptops from a hospital in March. According to the statement: The Information Commissioner (the ‘Commissioner’) was provided with a report of the theft, in March 2011, of two unencrypted laptops containing…
Cn: Jail for telecom employees who sold subscriber details
Seen on English.Eastday.com: China Unicom and China Mobile employees were among a group of 23 people jailed yesterday for selling phone users’ details. Prison sentences ranged from a year to two years and six months. Liu Hongbo, who worked for the Beijing Longjiang Junwei Information Consulting Center, collaborated with her lover, Dai Bin, and China…
Update: UNC-Chapel Hill Police arrest suspect in theft of student records
There’s been an arrest in the case of the recent break in at a University of North Carolina – Chapel Hill office where 30 students’ records held by the Honor Court were stolen. NewsObserver.com reports: Garrett Lee Haywood, 22, of Chapel Hill, was arrested today on charges of breaking-and-entering, larceny and possession of stolen goods. Haywood was…
VA: Norfolk McDonald’s cashier admits stealing card data
Tim McGlone reports: When Sophia Jacobs worked the drive-thru at the Norfolk Naval Station McDonald’s, she swiped hundreds of customers’ credit or debit cards twice – once through the register and again through a skimmer. She and her friends then went on a shopping spree with those card numbers to the tune of about $50,000,…
Update: Health Net data breach affected more Oregonians than previously thought
Brent Hunsberger reports that Health Net has sent out corrected notifications following the discovery of missing drives in January: Health Net Inc. said a data breach discovered in January affected more people than originally thought and that it had erred in telling thousands of former and current members that their Social Security numbers were not…