In a breach report that is eerily reminiscent of an incident last year, Amway Corp. has reported a web site breach that has enabled fraudsters to obtain some Amway independent business owners (IBOs)’ personal information and attempt to divert bonus payments by altering their banking information.
Category: Business Sector
Bits ‘n Pieces
In the justice system: Boynton Beach police announced the dismantling of an organized identity theft ring defrauding unsuspecting victims throughout South Florida. “Operation Decoder Ring” led to charges against 10 people, including Rolando Manuel Figueredo-Triana, on more than 70 counts of organized scheme to defraud, grand theft, criminal use of personal identification, forgery, unauthorized sale…
Pfizer: Oops, an employee threw out your data
After a lull in security incidents following a string of breaches between 2006 and 2008, Pharmaceutical giant Pfizer recently reported another security incident. According to a notification (pdf) filed by their attorneys, a Pfizer employee “inadvertently left a backup hard drive in a box that was discarded in the trash on March 26, 2009. Because…
Newton Manufacturing discovers hackers acquired customer data in repeated intrusions
In what was likely a nasty shock for Iowa-based Newton Manufacturing, Jnc., a recent security audit revealed that the company’s databases had been breached in September 2008, October 2008, and February 2009. Hackers apparently accessed and acquired customers’ personal information including names, addresses, and Social Security numbers. According to a notification (pdf) filed by the…
Most of Hannaford breach lawsuit tossed out by judge
Trevor Maxwell of The Portland Press Herald reports that Judge D. Brock Hornby of the U.S. District Court in Maine has dismissed nearly all of the claims filed again Hannaford Bros. for the massive breach they suffered in 2007 and early 2008. Only consumers who were not reimbursed by their banks for fraudulent charges on…
Pointer: European Parliament Adopts Position on Data Breach Notification Requirement for Telecoms and ISPs
The Privacy and Security Law Blog has a nice article by Hunton & Williams LLP on the new European Parliament position on data breach notification requirement for telecoms and ISPs. As the authors note, “For the first time in EU law the amendments [to the e-Privacy Directive] introduce a definition of “personal data breach” and…