I’ve often thrown up my cyber-hands in disgust at breaches that occur because people leave unencrypted PII or PHI in unattended vehicles. But sometimes, you read an incident report, and you can somewhat relate. This report by attorney Michael Koch, dba Lockhart, Britton & Koch in La Mesa, California is one of those times. From…
Category: Business Sector
Caribou Coffee Customer Data Exposed In POS Security Breach
A breach involving coffee customer data at Caribou Coffee stores throughout the country. A notice on their web site explains: Data Security Notice Dear Valued Guests: We want to be in touch with you regarding a recent incident that may have involved access to your payment card information. What Happened On November 28, 2018, we…
Eyeware retailer Warby Parker forces password reset; notifies 198,000 customers of credential stuffing attack
Sam Woods reports: Eyewear retailer Warby Parker announced Thursday that it had suffered a cybersecurity breach that may have affected up to 198,000 customers.Hackers accessed customer usernames and passwords from unrelated cyber break-ins at other companies, according to a Warby Parker news release. The hackers then used that information to try to gain unauthorized access to client…
NY: Ronin Gallery notifies customers of payment card breach
So I meant to report on this breach last week, but when I went to their web site to see if they had any notification up, I started browsing all the Japanese and Eastern Asian art, and forgot to get back to writing up the breach report. Thanks to “Russy” who sent me a reminder…
DrBenLynch.com notifies customers of payment card compromise
DrBenLynch.com is a commercial site that focuses on naturopathic research and supplements. At least I think it does. The site is down right now “for maintenance,” which seems to be this generation’s euphemism for “OK, we were hacked and we’re fixing things.” As reported to at least a few state attorneys general, DrBenLynch.com experienced a…
MA: Payment Processor to Pay $155,000 Over Data Breach Affecting Thousands of Massachusetts Residents
Massachusetts Attorney General had a busy day yesterday announcing enforcement actions over data breaches that had been disclosed in 2015. In addition to her announcement about the McLean Hospital settlement, she also announced a second settlement stemming from another 2015 breach that had also been reported by DataBreaches.net at the time. A California company that…