Jeffrey Steven Girandola and Kajohn Phommavong have been charged in a previously sealed 16-count indictment with Conspiracy, Computer Fraud, Access Device Fraud and Aggravated Identity Theft. According to the indictment, which was handed up by a federal grand jury in San Diego, the defendants installed peer-to-peer file sharing software on computers under their control and…
Author: Dissent
UK: Action taken after tenants’ personal files go missing
The Information Commissioner’s Office (ICO) has found the Orbit Heart of England Housing Association to be in breach of the Data Protection Act after 57 paper files containing personal data went missing during an office move. Forty-two of the files were recovered in full, but 15 which contain a significant amount of personal data relating…
Two Official Kaspersky Websites Hacked
Lucian Constantin reports: A grey hat hacker has found a critical SQL injection weakness on the official Kaspersky Lab websites in Malaysia and Singapore. Exploiting the vulnerability leads to full compromise of the underlying database, which contains customer information, product keys and other sensitive data. The attack has been documented by a Romanian hacker calling…
Businesses still plagued by data breaches
An article by Jackie Noblett includes references to some recent breach notifications affecting Massachusetts residents that I do not recall ever seeing covered in the media: Three separate breaches at State Street Corp. affecting 42 Massachusetts residents involved State Street employees accidentally sending personal information of a customer to the wrong client or financial adviser…
Court Rejects Request to Consolidate TJX Hacker Cases
Kim Zetter of Threat Level reports that: A federal judge in Massachusetts has rejected a request from U.S. attorneys to consolidate a New Jersey case against Albert Gonzalez, who has admitted hacking more than 120 million credit card numbers from Heartland Payment Systems, with two other cases against him in Massachusetts. […] The case was…
AU: Consumers may be told of ID theft
Kim Christian reports: Australian businesses may soon be forced to tell their customers if their personal details have been stolen, under proposed new laws to combat identity theft. One of the world’s biggest technology security companies, Symantec Corp, says it has been approached to assist the federal government with “advice and support” in drafting privacy…