Jordan Robertson of Bloomberg News provides media attention to a problem I’ve noted previously on this blog – that Experian suffers a lot of data breaches* where a client’s login is compromised and misused by unauthorized individuals. His coverage will hopefully inform national conversations about transparency, consumer protection, and breach notification. First is the issue…
Category: Business Sector
FTC Finalizes Settlements with Two Businesses that Exposed Consumers Sensitive Information Over P2P Networks
From the FTC, a follow-up to a previously-reported action: Following a public comment period, the Federal Trade Commission has accepted as final settlements with two operations it charged with illegally exposing the sensitive personal information of thousands of consumers by allowing peer-to-peer file-sharing software to be installed on their corporate computer systems. Settlements with Utah-based debt…
MT: Two employees charged with stealing credit card info from Helena restaurant
Melissa Anderson reports another instance of an insider breach in the hospitality sector: Two men made their initial appearance in a Helena courtroom on Thursday, accused of stealing credit card numbers from customers at the L&D Chinese Buffet. […] The two men, who worked at the restaurant at the time of the alleged crimes, are…
Duquesne Light notifying 20,000 customers after employee “mishandled” their data
Ah… another media report of a breach that leaves me scratching my head. Margaret Harding reports: Duquesne Light Co. is notifying thousands of customers that an employee mishandled their personal information. There is no evidence anyone used the information illegally, but the company will offer two years of free credit monitoring to 20,000 of its…
Barnes & Noble discloses breach involving pin pads at dozens of stores (update2)
Remember when Michael’s Stores found that pin pads in some stores had been replaced? It looks like the same thing has happened to bookseller Barnes & Noble’s brick and mortar stores. According to the New York Times, the firm discovered the breach on September 14. As of now, it appears that pads at 63 stores…
Service Sells Access to Fortune 500 Firms
More great investigative reporting from Brian Krebs: An increasing number of services offered in the cybercrime underground allow miscreants to purchase access to hacked computers at specific organizations. For just a few dollars, these services offer the ability to buy your way inside of Fortune 500 company networks. The service I examined for this post…