Cross-posted from PHIprivacy.net: Adam Greenberg reports on two cases where businesses have challenged the FTC’s authority in data security cases. Although Wyndham’s challenge has been discussed in detail on DataBreaches.net (see these posts), I haven’t really described the LabMD case until now. In the LabMD case, the Atlanta Business Chronicle reported last year: The federal agency…
Category: Breach Incidents
California Dept. of Consumer Affairs has a breach, but doesn’t notify those affected for 6 months?
Ouch. The California Department of Consumer Affairs – Bureau of Automotive Repair (“BAR”) learned that a service provider had a network intrusion breach that gave someone access to bank account numbers and bank routing numbers belonging to the Smog Check stations licensed by the BAR. The breach reportedly occurred between May 2012 and March 2013,…
Former Iberdrola employee charged in April breach
So it looks like the Iberdrola breach, reported in April, was a disgruntled employee situation after all. Steve Orr reports: In mid-April, an RG&E corporate parent announced that a computer intruder had compromised the privacy of job applicants’ personal data. Coming a year after another computer-privacy foul up involving Rochester Gas and Electric Corp., the…
NC: Page High School employee mistakenly releases 456 students’ information to a parent
Meanwhile, in North Carolina: Personal information, such as grades, phone numbers and home addresses, was mistakenly released for about 456 rising Page High seniors. On Tuesday, a school employee authorized to access the information accidentally released it to a student’s guardian, according to a news release from Guilford County Schools. The employee was answering an…
Update on Morningstar Document Research breach
Reuters reports: Investment research firm Morningstar Inc said personal information, including credit card details, of about 2,300 users of its Morningstar Document Research service may have been compromised due to a security breach last year. The incident on April 3, 2012 may also have led to the leakage of names, addresses, email addresses and passwords,…
Appeals Court Sends Fiserv Data Breach Case Back to Trial
Robert McGarvey reports that a credit union’s lawsuit against Fiserv has been resurrected by a Tennessee court: The Court of Appeals in Tennessee, in a ruling filed July 3, ruled that a lower court erred when it dismissed a suit filed by Copper Basin Federal Credit Union and CUMIS against Fiserv Inc., wherein the plaintiffs…