As a follow-up to an insider breach reported in April, Walter Healey, a former employee of New York State’s Department of Taxation and Finance pleaded guilty to stealing the identities of taxpayers and will now have to pay restitution and serve 1 ½ to 4 years in prison upon sentencing in October. AP also provides…
Category: Breach Incidents
FBHive.com Facebook Exploit
Here’s how they did it, below. Facebook has since secured the site against this exploit: Facebook Basic Information Exploit from FBHive on Vimeo.
FTC Approves Consent Order in CVS Case
Following a public comment period, the Commission has approved a final consent order in the CVS Caremark case involving failure to adequately secure customers’ medical and financial data. Prior coverage of the case can be found here. Additional documents on the case can be found here. According to the complaint, CVS Caremark did not implement…
Analysis of Savvis’ Motion to Dismiss Lawsuit
David Navetta has written a clear and helpful analysis of Savvis’ motion to dismiss Merrick Bank’s lawsuit against Savvis, arising out of the CardSystems Solutions breach.
Security Breach Announced at Cornell
A stolen Cornell University computer has compromised the personal information of thousands of members of the University community. The computer contained the names and social security number of current and former students as well as current and former faculty and staff members. An e-mail obtained by WVBR said that currently, no misuse of this sensitive…
TJX Settles with 41 States
TJX announced that it has settled with 41 Attorneys General over its massive data breach that they disclosed two years ago. In its statement, TJX denied that it broke any laws, saying, “TJX firmly believes that it did not violate any consumer protection or data security laws.” Under the terms of the settlement, as described…