We really need stronger laws protecting the security and disposal of paper records. Today’s example is from Beaverton, Oregon: Seven large boxes filled with personal information of clients from the Sylvan Learning Center, including names, birth dates, Social Security numbers and credit card information, were found in a Dumpster in Beaverton. Read more on KOIN….
Category: Business Sector
Plaintiff in LinkedIn lawsuit says harm is irrelevant and the issue is deception
MainJustice has an update to the LinkedIn lawsuit concerning their massive hack last year. As expected, LinkedIn moved to dismiss on the grounds that the plaintiff hasn’t suffered any harm and hasn’t proved they used outdated security, but the plaintiff responds that harm is irrelevant – she wouldn’t have purchased a premium account if it…
US Airways resets passwords for Dividend Miles accounts, notifies customers of breach (updated)
When I saw “US Airways” appear on California’s public breach report site, I thought it was going to be the ADP-related breach I reported last week. But no, it seems that US Airways had another breach, this one discovered on July 12. In an undated letter with a file creation date of August 2, Fernand…
E-mail gaffe exposed Ruby Tuesday employee financial data to a former employee
An e-mail gaffe by a Support Center employee Ruby Tuesday exposed current employees’ information to a former employee. The spreadsheet, inadvertently attached to the July 8 e-mail, contained employees’ names, Social Security numbers, bank name, bank account type, bank account numbers and routing numbers. Ruby Tuesday immediately tried to recall the e-mail, and contacted the recipient…
Security breach at Opscode as attackers download databases
Iain Thomson reports: Opscode, the commercial side of the open source Chef configuration management tool beloved by Google, Facebook, and IBM, has warned customers that a flaw in an unnamed third-party application has left its wiki and ticketing system pwned. “The attacker gained escalated privileges and downloaded the user database for the wiki and ticketing…
Bridgewater Associates notifies former employees that their information was accessed by unknown individual
Bridgewater Associates, LP offers employees continuing health coverage (COBRA) when they separate from the firm. That coverage is administered by Ceridian, who maintain a database with the employees’ and their dependents’ names, addresses, dates of birth, Social Security numbers, and other benefit plan information (but no medical information). On or about April 11, a Bridgewater…