Ian Swanson reports: The Scottish Government has issued an apology after it inadvertently revealed the identities of more than 100 civil servants negotiating severance packages for themselves. An e-mail sent to employees to update them on the government’s early retirement and voluntary severance process displayed the e-mail addresses of all their colleagues who were receiving…
Category: Breach Incidents
Patient data stolen from Philadelphia’s Family Planning Council
Robert Moran reports: The Family Planning Council in Philadelphia made public Friday that a computer storage device containing the personal and medical records of about 70,000 patients was stolen in December and remains missing. The theft was blamed on a former worker whose employment ended Dec. 28, the day the theft was discovered and reported…
AU: Govt loses credit card details in attack
Darren Pauli reports: More than 600 corporate credit cards owned by top Federal Government agencies from the Department of Defence to the Australian Federal Police have been exposed in a suspected espionage attack on a Sydney firm. ZDNet Australia has obtained an document that contains 629 valid credit card numbers along with expiry dates, organisation…
In Surprise Appeal, TJX Hacker Claims U.S. Authorized His Crimes
Kim Zetter reports on an appeal filed by Albert Gonzalez. Gonzalez has asked for his guilty pleas to be overturned, claiming that everything he did (his criminal acts) were at the behest of the Secret Service and that he did not know that he could offer a Public Authority defense. In writing his appeal, Gonzalez…
SC: Veterans’ Personal Info Exposed by Aiken V.A. Employee
Brett Buffington reports: Personal information, including social security numbers of over 2500 local veterans, may have been exposed by an employee at the V.A. Center in Aiken. The revelation comes after a month-long investigation by WJBF News Channel 6. Reporter Brett Buffington first asked officials at the Aiken office and their parent, the Norwood V.A….
The Epsilon Hack Attack: Time For “SOX For Consumers”?
Matt Pauker of Voltage Security discusses the Epsilon breach and where we go from here. He writes, in part: What about requiring every third-party service provider to protect personal customer data through encryption, tokenization or another advanced security technology, through clauses written into and enforced as part of standard service level agreements? This is something…