Kevin Poulsen provides newly released details on the 7-Eleven hack included in Albert Gonzalez’s plea agreement: ….In his most recent plea agreement, filed in court on Monday, confessed hacker Albert Gonzalez admitted conspiring in the 7-Eleven breach, and fingered two Russian associates as the direct culprits. The Russians are identified as “Hacker 1″ and “Hacker…
Category: Breach Incidents
Heartland to pay up to $2.4 million to settle cardholder class action suit
Under the terms of the settlement, Heartland says it will pay a minimum of $1 million and up to a maximum of $2.4 million to class members who submit valid claims for losses as a result of the intrusion. The payment processor says it will also shell out $1.5 million for the cost of notice…
UPDATE: France agrees to hand back ‘stolen’ Swiss bank data
From the Agence France-Presse: France said Monday it would agree to a Swiss request to hand back data taken from a HSBC bank branch in Geneva that is at the centre of a row between the two countries. France said Monday it would agree to a Swiss request to hand back data taken from a…
Attorney for doctors in WDH privacy breach disputes AG’s finding
Adam D. Krauss continues to update us on this case: An attorney for two doctors impacted by the privacy breach at Wentworth-Douglass Hospital says the Office of the Attorney General would have found WDH had to notify patients if the state knew a rogue employee accessed patients’ social security numbers and sensitive insurance policy data….
UK: Shropshire Council found in breach of the Data Protection Act
The Information Commissioner’s Office (ICO) has found Shropshire Council in breach of the Data Protection Act following the loss of an unencrypted memory stick containing sensitive information relating to a large number of adult social care clients and members of staff. The memory stick, which contained a social care management database including sensitive health information,…
PA: Malware opens door to possible information exposure
From Pennsylvania State University’s web site: A computer in the Dickinson School of Law that contained 261 Social Security numbers from an archived class list was found to be infected with malware that enabled it to communicate with an unauthorized computer outside the network. As soon as the University became aware of the malicious software…