U.S. – Page 1238 – DataBreaches.Net

Nine Defendants Plead Guilty in $20 Million Stolen Identity Refund Fraud Ring

Posted on April 1, 2015 by Dissent

There’s a follow-up to a case previously reported on PHIprivacy.net and on this site. From the U.S. Department of Justice: Alabama and Georgia residents pleaded guilty for their roles in a $20 million stolen identity refund fraud (SIRF) conspiracy, Acting Assistant Attorney General Caroline D. Ciraolo of the Justice Department’s Tax Division and U.S. Attorney George…

Hacked uni’s admins hand ID theft prevention reward to data burglars

Posted on April 1, 2015 by Dissent

I wish this was an April Fools’ Day prank, but it’s not. Alexander J. Martin reports that Bradley University’s response to their recent breach may just have made things worse for their employees. Keep in mind as you read the following that the breach involved Social Security numbers: The private institution then attempted to mitigate…

FTC and Wyndham Present Arguments on Whether FTC has Declared Unreasonable Cybersecurity Practices Unfair

Posted on April 1, 2015 by Dissent

Katherine Gasztonyi writes: On Friday, March 27, 2015, the Federal Trade Commission and Wyndham Worldwide Corp. filed supplemental briefing in the Third Circuit regarding whether the FTC had made an adjudicative decision that the FTC Act prohibits unreasonable cybersecurity practices and, if not, whether a federal court could hear a case charging a violation of the FTC Act…

MA: Life Care Center of Attleboro Notifies Former Patients and Employees of Missing Records

Posted on March 31, 2015 by Dissent

Patients at Life Care Center of Attleboro between 1992 and 2004, in 2006, or in 2011, may have been affected by a breach involving paper records. The breach involved storage vendor Iron Mountain, who was unable to locate the records during a limited audit. Although neither Iron Mountain nor Life Care Center of Attleboro seem to suspect data…

More details on the French Lick Resort payment card breach

Posted on March 31, 2015 by Dissent

In January, French Lick Resort in Indiana disclosed a malware-related breach affecting payment card data. On January 31, attorneys for Blue Sky Casino, LLC, the parent company, formally notified the Maryland Attorney General’s of the incident. The notification provides additional details on the incident, including the fact that the firm sent out 87,975 notification letters…

Zappos data breach settlement falls apart over attorneys’ fees

Posted on March 31, 2015 by Dissent

Back in January 2012, Zappos, which is owned by Amazon, disclosed that it had been hacked and that they were notifying more than 24 million customers. Less than one week later, the first lawsuit had been filed. Shortly thereafter, state attorneys general opened their own investigation into the breach. In January 2015, Zappos settled with the…