There’s an update to the Scottrade breach previously reported on this blog. The breach, potentially impacting 4.6M customers, was disclosed in October 2015 but had reportedly occurred between late 2013 and early 2014. Three individuals were indicted in November, 2015. Now Top Class Actions reports that a consolidated data breach class action lawsuit was filed in…
Category: Breach Incidents
Thinking about incident response
So I woke up to find that uKnowKids had issued a statement yesterday about their exposed database, an exposure that had been uncovered by and reported to them by Chris Vickery. Regular readers of this blog will recognize Chris’s name by now, as he’s uncovered a number of misconfigured databases that have been investigated by…
Los Angeles physical therapy provider settles HHS charges that it impermissibly disclosed patient information
An announcement by HHS on Feb. 16 seems to have flown under most media radar. It seems that Complete P.T. used patient images and testimonials on their web site without patient consent, generating a complaint to HHS that HHS investigated and confirmed. Complete P.T. has admitted liability, agreed to pay $25,000, and has agreed to a…
Spec’s Liquor Store Chain Suing Insurer Over 2014 Breach
And while we’re talking about data breach litigation…. In March, 2014, Spec’s Family Partners disclosed that 34 of its stores had been hit by a breach that exposed customer data from October 2012 through March 20, 2014. The “small percentage” of customers affected turned out to be approximately 550,000 customers and employees. Now Law360 is reporting…
Wendy’s accused of negligence after alleged data breach
So on January 27, Brian Krebs revealed that Wendy’s was looking into whether it had been breached. By February 8 – a long delay by today’s standards – a potential class action lawsuit was filed by attorneys for Jonathan Torres in the Middle District of Florida. Robbie Hargett of Legal Newsline has more on the lawsuit:…
Stolen Shire laptop contained patients’ personal and medical info
Pharmaceutical company Shire is notifying an unspecified number of individuals that their personal and medical information was on a laptop stolen from an employee’s car in Washington D.C. The laptop, which was issued by Shire Human Genetic Therapies, Inc. was stolen on December 30th and its theft was reported to the police immediately. Investigation into…