Am I the only one who actually feels embarrassed these days to read a breach notification that tries to reassure those notified by emphasizing that the data were password protected? Consider this excerpt from a breach notification written last month: However, the information on the server is password protected. Accordingly, for any unauthorized person to gain…
Category: Business Sector
Prêt a Manger worker gets up to four years in prison for stealing more than 100 customers
A follow-up to an insider skimming breach noted here in August 2013. Shayna Jacobs reports: A former Chelsea Prêt a Manger employee who was behind the identity theft of over 100 of the eatery’s customers was sentenced to up to four years in prison Wednesday. Nigel McCollum, 23, previously pleaded guilty to identity theft, forgery,…
France’s Orange says telecom’s client data stolen – again
In February, I noted a breach involving 800,000 Orange customers that occurred in January. Now Reuters reports: French telecoms group Orange said around 1.3 million subscribers or potential subscribers fell victim to a theft of personal data, including telephone numbers, dates of birth and email addresses, last month. […] In mid-April, hackers accessed a software…
Wyndham faces more litigation over breaches – this time, from shareholders
The FTC’s lawsuit against Wyndham over three data breaches didn’t go unnoticed by Wyndham’s shareholders, one of whom, Dennis Palkon, recently filed a shareholder derivative lawsuit against Wyndham Worldwide Corporation and its executives in federal court in New Jersey. I’ve uploaded the lawsuit here (pdf, 8.4MB, 86 pp.). The redactions are in the court filing, and…
UK: Lucia Bar in ‘shocking’ privacy breach
Anwen Baker reports: Lucia Wine Bar and Grill have been accused of breaking data protection laws after the CVs of over 600 people, including York students, were uploaded to their website. The CVs and cover letters of 605 people who had applied online to work at Lucia, which has branches in York and Beverley, were…
Affinity Gaming reports second data breach
Howard Stutz reports that Affinity Gaming has reported a second hacking incident involving its payment card processing system. But although its first incident reportedly affected up to 300,000 customers, Affinity Gaming is confident this breach did not result in the theft of any customer card data after April 28th. They do not indicate when the…