On June 2, CS Stars notified the New Hampshire Attorney General that a portable hard drive containing unencrypted personal information was stolen from an employee’s car on May 9. The total number of claimants affected was not indicated, but there were 94 residents of New Hampshire affected. According to their letter (pdf), CS Stars provides…
Category: Breach Incidents
T-Mobile Hacked? Yes. Maybe. No.
It’s been a confusing few days for those trying to understand what T-Mobile press releases were really saying about what they found when they investigated claims on the Full Disclosure mail list. Their somewhat terse statements led some of us to conclude that they were saying that they had some evidence of data theft, while…
IN: Pharmacy pays fine for jeopardizing patient information
In 2006, WTHR in Indianapolis ran a series of investigative reports on how local pharmacies were trashing sensitive prescription information. Their series resulted in legislative and state investigations and rightfully earned them a Peabody Award for the series. But the impact of their series is still being felt. Today, they report that Low Cost Pharmacy…
Class action lawsuit filed over Aetna hack (updated)
Courthouse News Service reports that a class action claim has been filed against insurance giant Aetna as a result of the recent security breach in which hackers gained access to personal information about 450,000 employees, former employees and potential employees. At the time, Aetna stated that the incident exposed the SSN of approximately 65,000 people….
UK: Nightwatchman left tax files centre open and unguarded while he sneaked off for a burger
Stephen Stewart of The Daily Record reports: A hungry security guard left highly sensitive files at risk while he went in search of a McDonald’s. The nightwatchman quit his post at the Customs centre in Dundee and propped open a door so he could get back into the building as he had no keys. […]…
Update: T-Mobile confirms some data theft
I received an updated statement from T-Mobile overnight. Their revised statement confirms that at least some data were stolen, but they do not confirm that the breach described on the the Full Disclosure mail list was as extensive as the hackers claimed when they posted, “We have everything, their databases, confidental documents, scripts and programs…