Ry Crozier reports: The NSW Government has terminated its relationship with the developers of the state’s transport blueprint website after they admitted a security lapse – rather than hack – was the cause of a document leak. Transport minister David Campbell sought to make “a brief clarifying statement” to state parliament late yesterday after causing…
Category: Breach Incidents
UT: Payment card skimmer secretly planted in gas station pump
Dan Goodin reports on yet another skimming operation involving a gas station, this one in Utah: It was discovered in late January at a 7-Eleven in Sandy, Utah. Police said it may have been actively monitoring transactions for as long as 60 days. It resulted in losses of more than $11,000. Read more in The…
UK: Mortgage company accidentally discloses over 15,000 account details
The Information Commissioner’s Office (ICO) has found Redstone Mortgages Ltd in breach of the Data Protection Act (DPA) after personal information relating to 15,333 mortgage accounts was emailed to a member of the public by mistake. The information, which included personal data relating to individuals’ arrears or possession proceedings, was sent to Redstone’s head office…
Ca: Alarming breach in privacy investigated at London school
An armload of personal documents — health records and criminal record checks among them — was found carelessly tossed out by a private vocational school in London, an alarming breach of security, the school’s director says. The bulk of the documents included criminal record checks, transcripts, diplomas, doctors’ notes, immunization and vaccination forms, health card…
HHS starts to reveal healthcare breaches reported to government
When HITECH was passed as part of the stimulus bill, it introduced new data breach notification requirements, including a requirement that breaches of unsecured personal health information held by covered entities or their business associates affecting more than 500 individuals be reported to the U.S. Department of Health & Human Services. The requirement was somewhat…
Equifax offers employees free Equifax credit monitoring after SSN exposed in mailing gaffe
After Equifax recently sent out IRS W-2 statements to most of its current employees and some former employees, they discovered that some employees’ control ID numbers were partially or completely viewable in the return address window of the envelope used by the payroll vendor. In an unspecified number of cases for U.S. employees, the control…