The following is the FTC’s press release. In the next post, I’ll publish HHS’s press release on their settlement with Rite Aid. Rite Aid Corporation has agreed to settle Federal Trade Commission charges that it failed to protect the sensitive financial and medical information of its customers and employees, in violation of federal law. In…
Category: Breach Incidents
Citi plugs privacy hole in iPhone banking app
Elinor Mills reports: Citibank has fixed a flaw in its iPhone app that was inadvertently storing customer account data on the mobile devices, the company said on Monday. “During a recent review, we discovered that our U.S. Citi Mobile iPhone banking app was accidentally saving information related to customer accounts in a hidden file on…
SC: Post Office Admits Error in Sending Out Personal Information
Michael Benning reports: The United States Post Office is responding to a story aired on WLTX where two women say they were delivered employees’ personal information. Friday, Anne Clarkson and Sam Ruskin told us they had received a receipt in the mail last week for an outgoing package. On the back of the receipt was…
Hacked investment firm says hack intended as a launch pad
Attorneys for Resnick Investment Advisors in South Carolina have notified the New Hampshire Attorney General’s Office that in June 2010, the investment firm’s network was breached. The breach was discovered on June 22, and the means of attack identified and reported to the FBI. An investigation into the incident reportedly indicated that the breach did…
Former Brio Tuscan Grille employee sentenced
A former Kansas City, Mo., man was sentenced in federal court last week for stealing identity information from customers at the Plaza restaurant where he worked, then using that information to make online purchases. John David Woody, 35, of Los Angeles, Calif., formerly of Kansas City, was sentenced by U.S. Chief District Judge Fernando J….
(follow-up) AU: Alleged hacker pleads guilty to data theft
ABC News in Australia reports: An alleged computer hacker has confirmed guilty pleas to charges of theft of personal information. South Australian police alleged Anthony Scott Harrison, 21, infected more than 3,000 computers worldwide with software designed to capture bank and credit card details and had potential to infect up to 74,000 computers. Harrison has…