Lawyers for Chart Industries, Inc. recently notified [pdf] the New Hampshire Attorney General’s Office that eight of Chart Industries’ laptops were stolen on the evening of July 23 from their corporate offices in Garfield Heights, Ohio. The theft was discovered the next morning and immediately reported to the police. Chart discovered the theft on Friday…
Category: Breach Incidents
Wells Fargo employee accused of accessing customers’ accounts
A Wells Fargo Bank employee working inside a bank call center was arrested Friday for accessing customer accounts and taking money out, according to the U.S. Attorney’s office. Ronita Prasad, 28, of Antelope gained access to customer accounts through a protected system without authorization. She used customer account access to pay her own debts, open…
Texas AG announces settlement with Cornerstone Fitness
As a follow-up on a breach previously reported here, Texas Attorney General Greg Abbott announced that the state has reached an agreement with Cornerstone Fitness, L.L.C. that requires the fitness center to better protect its customers’ personal information. In February, the Attorney General charged Cornerstone with violating a Texas law that governs the disposal of…
Bits ‘n Pieces
Alpha Daye Bah was arrested last week on charges that he stole at least 20 customers’ data from an unnamed restaurant and passed it to co-conspirators. More. Jason Reed and Derek Edwards were arrested for conspiracy to commit identity theft. Following a — wait for it — traffic stop, the officers found stolen credit cards…
Amex cardholders’ data stolen by employee
A lot of sites are posting a news story with almost no details involving American Express. From what I read elsewhere about the notification, this is likely the incident that was reported here last month.
An open letter to Heartland CEO Robert Carr
Rich Mogull of Securosis joins Mike Rothman in taking Heartland Payment Systems CEO Bob Carr to task for his comments that seemed to shift responsibility for the breach to the assessors who told them they were PCI-compliant: […] PCI compliance means you are compliant at a point in time, not secure for an indefinite future….