Drew Hansen reports: As we reported, the Office of Personnel Management’s decision not to renew two contracts with Falls Chuch-based US Investigations Services LLC led to the loss of 2,500 jobs. But it might also have set a precedent for how government handles contractor breaches. As a reminder, in July, the background checks division at USIS was…
Category: Business Sector
Dairy Queen update: almost 400 locations affected by Backoff malware
The Dairy Queen breach, first reported in August, is back in the news this week as more details emerged. In a statement issued yesterday, they write (emphasis added by me): International Dairy Queen, Inc. recently learned of a possible malware intrusion that may have affected some payment cards at certain DQ® locations and one Orange Julius® location…
G.H. Bass & Co announces credit card data breach at Orlando store
Michelle Dendy reports: G.H. Bass & Co. announced on Thursday that a small data capture device was attached to one of the cash registers in its Orlando store for a month. According to a release from G.H. Bass & Co., on Sept. 12 the company discovered an unauthorized person had connected a device to one…
The Evolution Store notifying customers of payment card and info breach (UPDATED)
As submitted to the California Attorney General’s website: Evolution Nature Corp., d/b/a The Evolution Store (“Evolution”), is writing to inform you of a data incident that may affect the security of your personal information. We are unaware of any actual or attempted misuse of your personal information but are nevertheless providing notice of this incident…
Huge Data Leak at Largest U.S. Bond Insurer
Brian Krebs writes: On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to…
Update to AT&T insider breach
Mainstream media has now caught up with the AT&T insider breach I reported on October 3. Reuters reports that 1,600 customers have been notified of the potential compromise of their information.