Are cases of access in excess of authorization involving federal employees snooping in databases treated too lightly? Levi Pulkkinen reports on a case where some may think that a federal employee who misused access to the IRS database got off too lightly: An IRS worker accused of using the agency’s service database to snoop on her…
Category: Breach Incidents
UK: Police officer on trial for using files to vet one of his wife’s tenants
A police officer has gone on trial accused of using a police station computer to vet one of his wife’s tenants. Harry To, a constable with Fife Constabulary, is said to have accessed the force’s “Crimefile” computerised recording system without authority on seven occasions. Read more on STV. Long-time readers realize that this is not…
Rubio’s Warns Shareholders And Workers Compensation Claimants That Their Data Were Stolen From Auditor’s Car
If you follow me on Twitter (@pogowasright) or follow @datalossdb, you’ll know that over the past few months, I’ve started just sending some items directly into the database without reporting them on this blog. A few nights ago, I added a bunch to the database – some of which I tweeted – after discovering that…
Cigna to notify some insured that employee e-mailed their names and SSN home
Now that California is posting breach notes on its site, I’m finding out about a slew of breaches that I did not find through other sources. Of the 27 breaches they’ve posted since the beginning of this year, I didn’t know about 16 of them: They’ve now all been entered in DataLossDB.org. One just added…
UK: Web exposure breach at Toshiba last summer revealed … today?
Toshiba Information Systems (UK) have breached the Data Protection Act (DPA) after the personal details of 20 competition entrants were compromised by a security flaw on their website, the Information Commissioner’s Office (ICO) said today. The ICO was informed by a member of the public in September last year that the personal details of individuals…
Computer specialist who had warned Iranian banks about vulnerability, hacks and dumps 3 million accounts to make his point
Is it just me, or have these folks missed the point? From The Tehran Times: A computer specialist, who used to work for a PSP (payment service provider) company which offers a number of Iranian banks services for accepting electronic payments, has hacked accounts of three million bank customers to show the vulnerability of the…