Add University of the Southwest to your list of those notifying current and former employees that their W-2 or payroll information was accessed without authorization from their vendor, Greenshades. But don’t jump to conclude that the fault is with Greenshades, because the tax filing vendor says the problem is not with them. Following up on previous breach…
Category: Breach Incidents
INAI urges Mexican Senate to pass legislation to help protect personal information
In the wake of the massive voter data leak affecting 87 million Mexican voters, INAI has urged the Senate to pass secondary legislation that would strengthen data protection by expanding the law to apply to political parties and agencies, and not just private businesses. I would think the leak would be enough to garner legislative support…
Mexico launches criminal probe into exposure of voter information (updated)
Dell Cameron reports: Mexican authorities have begun criminal proceedings into a data theft incident said to affect more than 87 million registered voters. Mexico’s National Electoral Institute (INE) filed a criminal complaint on Friday with the country’s election crimes office concerning millions of voter records discovered on a U.S.-based Amazon cloud server. The theft of…
Meanwhile, back at the phishing for W-2 department…
After 24 days of updating my scratch list of incidents involving phishing for W-2 information (business email compromise), I decided to take stock and try to organize what we have so far. I was surprised to see that there were already 90 incidents (make that 126 as of May 18th). Most of these entries were found…
Personal info of 93.4 million Mexicans exposed on Amazon (UPDATED)
In today’s installment of “Epic Infosecurity #FAIL,” more than 93.4 million Mexican citizens have had their voter registration details exposed online due to a misconfigured database. Why a database with Mexican voters’ information was hosted on a server outside of Mexico, who uploaded it to Amazon, and why it wasn’t properly secured are questions in search of answers. Last week, MacKeeper…
Denver Archdiocese payroll system breached, 18,000 at risk
So which vendor was responsible for this one? The archdiocese wouldn’t answer that question when I put it to them…. Tom McGhee reports: Authorities are investigating a data breach at the Catholic Archdiocese of Denver that put current and terminated employees, their dependents, spouses, and beneficiaries at risk of ID theft. A third-party software provider…