**Updated: **first edit i made a mistake and stated that paypal was the victim of the 0 day when it was infact ZPanel. Sorry for any inconvenience or misleading information. Earlier today a well known hacker group, Hack the planet had released a Zine which contains breached information on 2 well known website image service Imageshack and…
Category: Breach Incidents
FL: Bay County Sheriff’s Office Busts Identity Thief in Possession of Thousands of Tax Returns from Unnamed Preparer
Jason Hackett reports: … The trail led back to 26 year old Bryan Loyd and his home in Panama City Beach. Inside they found gym equipment, Michael Koors watches, Ray Ban sunglasses, flat screen TV’s, and other items apparently bought with fradulent credit cards. However, that was just the tip of the iceberg. “[We] located a large…
Strategizing the lawsuit against South Carolina
While I was offline, the lawsuit(s?) apparently commenced against South Carolina over their monster data breach. According to Meg Kinnard of Associated Press, however, plaintiffs might receive only a matter of pennies, as the state limits/caps how much a state agency can pay out for a breach, and that cap is $600,000. It may…
China’s Yihaodian vows more user privacy protection
Sarah Reeve writes: Yihaodian.com, a Chinese online grocery store controlled by US retailing giant Wal-Mart, has vowed to protect users’ privacy after some of its employees have been accused of selling user information, Global Times reported. The website reported the case to the police and upgraded its website system after it found its user information…
HSBC notifies customers after discovering former employee took customer data as a parting gift to himself
HSBC Bank USA National Association notified customers after an insider breach that occurred in July but was only posted to California‘s web site on October 30. It’s not totally clear to me when consumers were notified or when the state was. From the letter to those whose SSN’s weren’t involved: We recently became aware of an incident that…
Kaiser Permanente notifies employees after e-mail error exposes their SSN to unauthorized individual
On October 29, Kaiser Permanente began notifying employees of a breach that occurred August 24th when their names, Social Security numbers, and other information were mistakenly e-mailed to an individual not authorized to receive such information. From their letter: [First Name] [Last Name] [Street Address] [City], [State], [ZIP code] Dear [First Name], We are writing…