Following up on the station’s earlier report, Paris Lewbel reports: Nearly 40 people have been notified by the Indiana Attorney General’s Office after their tax documents were found in a dumpster. Many of the people were not Indiana residents. […] The Indiana Attorney General also sent a letter to the nearby tax preparer to find…
Category: Breach Incidents
Commenters on Henry Schein consent order: FTC was too lenient
Public comments on the consent order in FTC v. Henry Schein Practice Solutions are now available. The FTC will be responding to commenters, but I wanted to note one particular point raised by commenter because I hadn’t considered it when I filed my complaint with the FTC, and I think the commenters are right. Note that I did not submit…
22,000 dental patients’ info exposed on unsecured Eaglesoft FTP server
Eaglesoft software by Patterson Dental is a popular patient management system. But just as one security researcher had concerns about patient data security in Henry Schein’s Dentrix G5 software, he’s also had concerns about Eaglesoft, albeit for different reasons. He contacted this site on February 6 and notified CERT of his concern: Eaglesoft does seem to…
The second rule of incident response is to follow the plan
From the who-put-the-frying-pan-in-that-fire dept. Several weeks ago, DataBreaches.net received a complaint concerning a breach involving the Montgomery County Housing Opportunities Commission in Maryland. It seems that a vendor’s 1099 tax statement had been sent to the wrong recipient. It was not a particularly unusual breach, but the 1099 had been sent as an unencrypted attachment to an email, so I read…
#opicarus sparks take down notice for KickAssPastes.com
2016 has started off to be an interesting year so far and today makes it just that little more so as a well known paste site KickAssPastes appears to have been sent a take down notice on behalf of Citi from a company who conducts cyber intelligence. It all started when KickAssPastes posted earlier today a…
KY: Retired firemen address board after newsletter containing sensitive information circulates
Lana Bellamy reports: A group of firefighters are concerned about possible identity theft in light of the publication of sensitive personal information on Ashland Commissioner Kevin Gunderson’s electronic newsletter. Last month, Gunderson’s regular electronic newsletter “Kevin Mail” had documents attached containing the names, partial Social Security numbers and pension member identification numbers on invoices related…