The FTC’s lawsuit against Wyndham over three data breaches didn’t go unnoticed by Wyndham’s shareholders, one of whom, Dennis Palkon, recently filed a shareholder derivative lawsuit against Wyndham Worldwide Corporation and its executives in federal court in New Jersey. I’ve uploaded the lawsuit here (pdf, 8.4MB, 86 pp.). The redactions are in the court filing, and…
Category: Breach Incidents
In his words: How a whitehat hacked a university and became an FBI target
Sean Gallagher reports on the hack of U. Maryland that got a contractor’s former employee in hot water with the FBI: David Helkowski stood waiting outside a restaurant in Towson, Maryland, fresh from a visit to the unemployment office. Recently let go from his computer consulting job after engaging in some “freelance hacking” of a…
UK: Lucia Bar in ‘shocking’ privacy breach
Anwen Baker reports: Lucia Wine Bar and Grill have been accused of breaking data protection laws after the CVs of over 600 people, including York students, were uploaded to their website. The CVs and cover letters of 605 people who had applied online to work at Lucia, which has branches in York and Beverley, were…
Oregon investigating complaints about the Archdiocese of Portland’s handling of ID theft
Brent Hunsberger reports: Oregon regulators are investigating whether the Archdiocese of Portland violated state law by failing to properly notify employees and volunteers that they could be victims of tax-return fraud. The Oregon Division of Finance and Corporate Securities has received two complaints from consumers about the Archdiocese, which oversees schools and parishes serving 418,000 Catholics in…
Wyndham’s former director of security compliance says many Super 8 hotels not PCI DSS compliant
I initially thought I’d just skip posting an article on Consumer Reports that seemed to just be a re-hash of what we knew already about the FTC case against Wyndham. But then I came to this statement: Now, David Durko, former director of Wyndham’s security compliance management, says that many independently owned and operated Wyndham…
Student loan debt collector exposes thousands of students’ loan debts to others
If you fell behind in your student loan repayments to the U.S. Education Department, “Mike Doe” (not his real name) may know about it. He didn’t want to know, but a vendor for NCO Financial Systems, the collection agency contracted by USED, recently sent him other students’ loan repayment collection statements. The statements included the individuals’ names,…