A reader alerted me to a breach notification he received from Perfect World subsidiary Cryptic Studios, a massively multiplayer online role-playing game developer. You can read the web version of their notice. The hack occurred in 2010 but was only first discovered now due to “increased security analysis.” The intruder reportedly accessed account names, handles,…
Category: Breach Incidents
Employee snooping in IRS database: it’s like looking people up on Google or Facebook – defense attorney
Are cases of access in excess of authorization involving federal employees snooping in databases treated too lightly? Levi Pulkkinen reports on a case where some may think that a federal employee who misused access to the IRS database got off too lightly: An IRS worker accused of using the agency’s service database to snoop on her…
UK: Police officer on trial for using files to vet one of his wife’s tenants
A police officer has gone on trial accused of using a police station computer to vet one of his wife’s tenants. Harry To, a constable with Fife Constabulary, is said to have accessed the force’s “Crimefile” computerised recording system without authority on seven occasions. Read more on STV. Long-time readers realize that this is not…
Rubio’s Warns Shareholders And Workers Compensation Claimants That Their Data Were Stolen From Auditor’s Car
If you follow me on Twitter (@pogowasright) or follow @datalossdb, you’ll know that over the past few months, I’ve started just sending some items directly into the database without reporting them on this blog. A few nights ago, I added a bunch to the database – some of which I tweeted – after discovering that…
Cigna to notify some insured that employee e-mailed their names and SSN home
Now that California is posting breach notes on its site, I’m finding out about a slew of breaches that I did not find through other sources. Of the 27 breaches they’ve posted since the beginning of this year, I didn’t know about 16 of them: They’ve now all been entered in DataLossDB.org. One just added…
UK: Web exposure breach at Toshiba last summer revealed … today?
Toshiba Information Systems (UK) have breached the Data Protection Act (DPA) after the personal details of 20 competition entrants were compromised by a security flaw on their website, the Information Commissioner’s Office (ICO) said today. The ICO was informed by a member of the public in September last year that the personal details of individuals…