Breach Incidents – Page 1163

Court: Computer Fraud and Abuse Act violated even if no financial motive or gain

Posted on January 1, 2011 by Dissent

Back in August 2009, I noted the conviction of a former SSA employee, Roberto Rodriguez. At the time, I reported: Roberto Rodriguez, 54, formerly of Fort Lauderdale, FL, was convicted by a jury on July 29, 2009 of seventeen counts of exceeding his authorized access to a government computer. Rodriguez is scheduled to be sentenced…

KCI notifies some patients that employee misused their payment cards

Posted on January 1, 2011 by Dissent

On December 21, KCI (Kinetic Concepts, Inc.) Health Care Compliance notified the New Hampshire Attorney General’s Office of a security breach involving fraud. An employee in their Texas call center with authorized access to a database containing customers’ payment card data had reportedly misused the information of “several” customers to make purchases in the San Antonio area….

Blue Cross Blue Shield Applications Found in Trash

Posted on December 31, 2010 by Dissent

Robert Siciliano writes: Private investigator William Cobra Staubs, was doing some dumpster diving conducting some “research” this week and happened upon a big box of discarded medical files and applications tossed there by what appears to be a Blue Cross Blue Shield agent who didn’t need them any longer. He found over 30 documents and…

Keylogger captured Sovereign Bank customer data

Posted on December 31, 2010 by Dissent

By letter dated December 22, Sovereign Bank’s Chief Privacy Officer notified the New Hampshire Attorney General’s Office of a security breach: On October 15, Sovereign Bank… became of aware of unusual activity based on IP traffic. Upon discovery of the issue, the Bank launched an investigation, and performed due diligence which was completed on December…

Law firm’s credentials misused to access Experian database

Posted on December 31, 2010 by Dissent

Experian has a lot of clients and sometimes those clients’ login credentials fall into the wrong hands. That appears to be the case again. Experian notified the New Hampshire Attorney General’s Office on December 22nd that someone using the access login credentials of the law firm of Samuels, Green, and Steel, LLP had accessed an unspecified…

Mailing glitch exposes CHS patron SSNs

Posted on December 31, 2010 by Dissent

After Minnesota-based CHS Inc. mailed PATR-1099 forms to its patrons in mid-November, they received a call from one recipient alerting them that both the name and Social Security Number was visible through the window in unhyphenated form. After investigating, CHS determined that SSN were exposed in at least some cases. In a letter to the…