The World Privacy Forum offers comments on the proposed consent order, In the Matter of Ceridian Corporation, FTC File No. 102 3160. The World Privacy Forum is a non-profit, nonpartisan public interest research group that focuses on consumer education as well as analysis and research of privacy issues, including issues relating to health care privacy,…
Category: Business Sector
Michaels Stores hit with 2nd suit seeking class-action status [repost]
[repost] Becky Yerak reports: Michaels Stores Inc., which disclosed that its checkout-line PIN pads were tampered with in Illinois and 19 other states, has been hit with two lawsuits seeking class-action status by consumers alleging that the arts and crafts retailer failed to safeguard shoppers’ credit and debit card information and PIN numbers. The latest…
SelfCatering.ie hack revealed in report on Ireland’s Data Protection Commissioner [repost]
[repost] One of the case studies in the 2010 annual report of the Data Protection Commissioner discussed a breach that I had not seen before: Case study 14: Hacking attack on SelfCatering.ie website A bank made a data security breach notification to my Office in 2009 in relation to the credit cards of 1200 customers…
Honda Data Breach Triggers Lawsuit [repost]
[repost] Mathew J. Schwartz reports: … As with the Sony breach, lawyers for Honda customers filed a class action lawsuit on behalf of affected customers, seeking 200 million Canadian dollars ($206 million). The claim says that the breach exposed customers to “theft of their identity, theft from their bank accounts, and theft from their debit…
(update) Texas office responsible for dumpster breach identified [repost]
[repost] As an update to a dumpster breach reported previously, KTSM in Texas reports that the office responsible for the breach was Tax Matters. Of note, Lindsey Reiser reports that at least one former client of the business was upset that they still had his records: “We had broken our relationship several years ago,” the…
South Africa: DMASA “do not call” database ‘leaked’ [repost]
[repost] Nicola Mawson reports: Around 39 000 South Africans who signed up on the Direct Marketing Association of SA’s (DMASA’s) “do not contact” database are at risk of identity theft, because the list has been leaked to companies that aren’t DMA members. The database contains sensitive information such as contact details, addresses and identity numbers….