Often, the only way we find out the scope of a problem is when the media or activists file a freedom of information request. Some data revealed thanks to a Freedom of Information request made by the Scunthorpe Telegraph: Humberside Police officers and staff breached data protection laws 67 times in the past three years,…
Category: Breach Incidents
UK: Around 10,000 CRB background checks land in the wrong inbox
Gwent Police is taking remedial action after the Information Commissioner’s Office (ICO) found it in breach of the Data Protection Act for accidentally emailing results of Criminal Reference Bureau (CRB) checks performed by the force to a member of the public. An email containing a spreadsheet of the results of around 10,000 CRB enquiries was…
eHarmony Hacked
Brian Krebs writes: Online dating giant eHarmony has begun urging many users to change their passwords, after being alerted by KrebsOnSecurity.com to a potential security breach of customer information. The individual responsible for all the ruckus is an Argentinian hacker who recently claimed responsibility for a similar breach at competing e-dating site PlentyOfFish.com. […] Joseph…
OK: Leader of credit-card fraud plot gets seven-year sentence
David Harper reports: A California man has been sentenced in Tulsa to seven years in prison for an interstate credit-card fraud conspiracy that involved more than $100,000 and victimized 18 financial institutions ranging from Merrill Lynch to the Bank of Hawaii. Jonathan Edward Vergnetti, 39, also was ordered by U.S. District Judge James Payne this…
OR: Payroll data on 550 DOC employees found on thumb drive in Madras
Dennis Thompson Jr. reports: A thumb drive turned up in Madras containing confidential payroll information for nearly 550 Oregon Department of Corrections employees — a security breach that potentially affects as many as one in 10 DOC employees. A member of the public who came into possession of the flash drive notified the agency on…
UK: Labour forum leaks email addresses
John Leyden reports: Basic design flaws on a Labour party members forum exposed the email addresses of users to harvesting. Surfers who register through the site http://members.labour.org.uk were invited to confirm their membership, and activate their account, by clicking on the link in an email sent to a specified account. The email follows the form…