An update from the BBC about a breach I hadn’t spotted before: The Information Commissioner’s Office has said it is satisfied with Dumfries and Galloway Council’s actions in the wake of a data protection breach. It followed the inadvertent release of personal information which was later posted on the internet. It is understood that the…
Category: Breach Incidents
A 2011 breach rears its ugly head again?
It seems that everywhere I go, I stumble over breaches that I didn’t know about. Today, something on Findlaw showed up in searches. It said: I am unfortunately a victim of identity theft as of 2014. I just found out about it in february of 2015. Luckily for me the thieves did not do too…
Oh, those old files left lying around on your server, Saturday edition
It turned out to be no huge deal (thankfully), but after an announcement on Twitter by @Compl3x1ty of a login dump involving a medical group’s site, DataBreaches.net attempted to contact the Lutheran Health Network to alert them that data from the St. Joseph Medical Group had been accessed and dumped. The data dump indicated that an SQL injection had…
TX: Former Methodist Healthcare employee sentenced to more than 10 years; stole patient info for unemployment benefits
Guillermo Contreras reports on a case I don’t recall seeing before: A judge sentenced a former Methodist Healthcare worker to more than 10 years in federal prison Thursday for stealing patient identities and using the information to claim unemployment benefits. U.S. District Judge Orlando Garcia ordered Andrea Nicole Brooks, 30, to serve 97 months for…
The long road to catching “Bitcoin Baron,” the “Internet’s most inept criminal”
Jack Smith IV has a piece on Randall Charles Tucker (a/k/a “Bitcoin Baron”), who was recently arrested. Smith’s piece includes a recap of some of Tucker’s attacks on sites, but also includes chat transcripts that give insight into his thinking and behavior. The Observer article will be of interest to those interested in the motivation and…
“Freedom’s” just another word for data left to lose? (with apologies to Janis)
From Freedom Smoke‘s submission to the California Attorney General’s Office, a notice of a “potential security breach.” Note that the firm has already received reports of fraudulent charges on credit cards possibly linked to this incident, even though they have no evidence confirming illegal use: We identified that between approximately February 11, 2015 and March 16,…