Herb Weisbaum reports: The recent flood of fraudulent tax returns — both state and federal — is the work of “a criminal gang, possibly working outside the country,” a leading cyber security expert told NBC News. Haywood Talcove, CEO for government solutions at LexisNexis, believes the gang is using stolen user names and passwords to gain…
Category: U.S.
Uber Apparently Left Part of Its Lost and Found Database Public
Jason Koebler reports: Someone named Angelica left a Patti Smith record in the back of her Uber on February 5th. I know this, and Angelica’s phone number, because Uber has left its internal lost-and-found records on a publicly accessible site. Read more on Motherboard. The Uber url that leaked the data is now 404.
TX: Lubbock Housing Authority assisting applicants after data leak
Matt Dotray reports that Texas residents who filed a Section 8 application with the Lubbock Housing Authority for rent assistance may have had their names, addresses, Social Security numbers, and estimated income exposed on the LHA’s web site when the wrong (unredacted) file was uploaded on December 23, instead of the redacted-SSN one. The file remained online…
All in: NAIC wants all states and territories to collaborate in probe of Anthem breach
The Denver Channel reports: Members of the National Association of Insurance Commissioners want a multi-state examination of Anthem, Inc. and its affiliates, following the discovery of a cybersecurity breach at the health insurance company. […] Given the potential scope of the breach and the number of consumers affected, the NAIC said it anticipates all 56…
Anthem Breach May Have Started in April 2014
Brian Krebs reports: Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. Read his full article on…
Aspire Indiana notifies over 45,000 employees and clients after burglars nab office laptops
Since HHS has been revamping their breach tool, I’ve had a tough time figuring out what’s newly added or what I’ve missed. One incident, caught my eye, however, and I was able to find the covered entity’s notice of the breach. An undated notice* linked from Aspire Indiana, Inc.‘s home page explains: Aspire Indiana, Inc. Notifies Individuals…