Four days ago, DataBreaches.net was contacted by a former customer of Click2Mail who reported their suspicion that Click2Mail may have been hacked, sprung a leak, or shared their data with some firm that hadn’t protected it properly. Given the size and scope of Click2Mail’s operations, including the fact that it is a recognized affiliate direct…
Category: Breach Incidents
Taconic Biosciences settles lawsuit stemming from 2017 W-2 phishing breach (updated)
One of the victim companies of a W-2 phishing attack that this site reported in 2017 was a New York firm called Taconic Biocences. A copy of their notification to the Maryland Attorney General’s Office is still available online, here. Recently, News10 in New York reported that there has been a $2.7 million settlement in…
Hibiscus Petroleum suffers cyber attack
Mark Lammey reports: Hibiscus Petroleum said today that its IT system was “subjected to an attack” last week. The Malaysian firm said the affected parts of the system were isolated and partially shut down. Hibiscus said the system was gradually being restored and that production operations had not been impacted. Read more on Energy Voice. …
Cancer Treatment Centers of America in Atlanta discloses three phishing incidents in 6 months
The Cancer Treatment Centers of America (CTCA) has had its name cross my desk a lot this past year. And that’s not a good thing. There have been five Cancer Treatment Centers of America breach notices that have been publicly disclosed since November 2018. Three of them involved the Southeastern Regional Medical Center in Atlanta,…
Daily Dicta: The FTC Should Be Suing Itself for How It Handled This Case
Jenna Greene has a column today on the LabMD case. Sadly, it is behind a paywall, but it begins: Government consumer protection lawyers are supposed to be the good guys, the ones in white hats sticking up for the citizenry. Which is why it’s particularly upsetting when it turns out they’re in the wrong—as was…
TN: ‘Father of Identity Theft’ Convicted on 13 Federal Counts
Dark Reading reports: James Jackson, a 58-year-old Memphis resident, used the identities of deceased individuals to steal money from banks and the estates of the dead. James Jackson, the self-proclaimed “Father of Identity Theft,” has been convicted of 13 counts of mail fraud, aggravated identity theft, access device fraud, and theft of mail. He now…