Lokai Holdings is notifying customers who made purchases on mylokai.com between July 18, 2014 and October 28, 2014 that their payment card information (name, address, payment card number, expiration date, verification code, and the user name and password for customer accounts) may have been compromised. You can read their template notification here. The metadata for the breach that they submitted to…
Category: U.S.
Harmonic strikes discordant note with employee data protection
And here’s yet another recent case out of California where a laptop with personal information was stolen from a vehicle. This time, it’s Harmonic: We are writing to inform you of a potential information security incident involving your personal information. While Harmonic does not know whether your personal information has been or will be misused,…
CPA leaves devices with unencrypted client tax data in vehicle, and…. ugh.
Okay, I grant you that I am not in a great mood today, but color me unsympathetic to those who are “horrified” that clients’ data is stolen when they haven’t adequately secured the data. Case in point: My Dear Tax Clients, It is with a heavy heart that I bring you this news. On Friday…
The 1% Program of Public Architecture discloses breach
From their web site: “The 1% program of Public Architecture connects nonprofit organizations in need of design assistance with architecture and design firms willing to donate their time on a pro bono basis. “ I wish really bad karma for all hackers who go after non-profits trying to do some good in this world. Posted by the 1%…
ID Parts notifies 12,000 customers of payment card breach
ID Parts, LLC is notifying approximately 12,000 customers that malware inserted in their server for their e-commerce site (idparts.com) may have captured payment card information between January 2014 and October 28, 2014. ID Parts was alerted to the breach by American Express, whose fraud investigation had pointed to ID Parts as the common point of…
Entry Point of JPMorgan Data Breach Is Identified
Oops. An overlooked server that was not configured for two-factor authentication became the weak link in JPMorgan’s defenses. Matthew Goldstein, Nicole Perlroth, and Michael Corkery report: The computer breach at JPMorgan Chase this summer — the largest intrusion of an American bank to date — might have been thwarted if the bank had installed a simple…