I occasionally check the docket for FTC’s lawsuit against Wyndham over the multiple breaches they experienced. A story in my news reader today about how Ben Rothke of Wyndham Worldwide gave a talk on “The five habits of highly secure organizations” struck me as somewhat ironic, and I decided to see where the lawsuit stood. Of…
Category: Business Sector
NC DHHS contractor’s missing drive held over 50,000 medical providers’ names, dates of birth, and Social Security numbers
Yesterday, the North Carolina Department of Health & Human Services (DHHS) disclosed that a flash drive with information on over 50,000 medical providers who are excluded from participating in federal healthcare programs had been misplaced or lost by its contractor, Computer Sciences Corporation (CSC). The provider information included names, addresses, dates of birth, and Social…
Genesco takes VISA to court over data breach (updated)
Back in January, there were reports that Genesco might sue card issuers over their response to the firm’s malware breach in 2010. Now dmarsteller reports that Genesco has, indeed, sued VISA. The lawsuit was filed Thursday in Nashville. dmarsteller explains: VISA later fined Fifth Third Bank and Wells Fargo $5,000 each and levied another $13.3…
LinkedIn Wins Dismissal of Privacy Lawsuit in California
Joel Rosenblatt reports: LinkedIn Corp. (LNKD), the biggest online professional-networking service, won dismissal of a lawsuit claiming it failed to follow industry standards and its own promises in encrypting user password information. The lawsuit, filed last year in federal court in San Jose, California, followed the company’s website being hacked and 6.5 million member passwords being posted…
Is Kively.com revealing user info?
On February 7, a site reader alerted me to a possible problem over on Kively.com: Look at the description directory – it reveals all the PII when there is some in the descriptor. After looking at the description directory, I found myself wondering about whether some of the entries were, in fact, disclosing some PII. Instead…
Follow-up: Former law firm employee sentenced to 13 years in prison for role in ID theft/tax refund fraud ring
Jay Weaver provides an update with additional details on a breach involving Rodney St. Fleur, an employee of a Miami law firm who misused his access to LexisNexis database searches to steal over 20,000 individuals’ information for a tax refund fraud scheme. Weaver reports that in court, St. Fleur admitted that he had stolen the…