Hiawatha Bray reports: TJX Cos., which owns the T.J. Maxx and Marshalls discount retail chains, has settled an investor lawsuit related to the theft of millions of its customers’ credit card numbers. The Louisiana Municipal Police Employees’ Retirement System, which holds shares of TJX stock, alleged that members of the TJX board of directors failed…
Category: Breach Incidents
Pirate Bay Hack Exposes User Booty
Brian Krebs reports: Security weaknesses in the hugely popular file-sharing Web site thepiratebay.org have exposed the user names, e-mail and Internet addresses of more than 4 million Pirate Bay users, according to information obtained by KrebsOnSecurity.com. An Argentinian hacker named Ch Russo said he and two of his associates discovered multiple SQL injection vulnerabilities that…
(follow-up) Private info accidentally released
Fran Handy reports that after the Sparta School District in New Jersey erroneously sent out the unredacted version of a spread sheet containing vendors’ SSN and other information — instead of the redacted one that they had prepared in response to an open records request — the District has had some trouble getting the data…
UK: ICO finds three councils in breach of Data Protection Act
The Information Commissioner’s Office (ICO) has taken action against the London Borough of Barnet, West Sussex County Council and Buckinghamshire County Council for breaching the Data Protection Act. A systemic lack of staff training on how to handle personal information has led to the loss of sensitive personal information relating to thousands of children. Sally-anne…
25,000 sign up for state credit protection after data lost
Usually only a very small percentage of those offered free credit monitoring after a breach sign up for it. I was therefore surprised to see almost a third of those affected by one breach in Alaska earlier this year sign up. Pat Forgey reports: More than 25,000 anxious public employees and retirees have signed up…
(follow-up) Former FDIC Employee Fined for Leaking Financial Data
Merikay Wootton, 63, Lenexa, Kan., has been sentenced to 24 months probation and fined $3,600 for disclosing confidential information while she was an employee of the Federal Deposit Insurance Corporation. Wootton pleaded guilty to unlawfully disclosing confidential information from a government agency. In her plea, she admitted she was working as a loan officer for…