Kara Scannell and Tom Braithwaite report: Fidelity Investments, one of the largest US mutual fund companies, was one of 13 financial institutions attacked by hackers, who are believed to be the same group that stole customer information from JPMorgan Chase, according to two people familiar with the matter. The breadth and sophistication of the attack…
Category: U.S.
Citigroup Said to Be Attacked by JPM Hackers
Michael Riley reports: Citigroup Inc. (C), E*Trade Financial Corp. (ETFC), Automatic Data Processing (ADP) Inc. and Regions Financial Corp. were attacked by the same hackers that breached JPMorgan Chase & Co. (JPM), according to a person familiar with the matter. At least one of those companies — E*Trade — was targeted last year and subsequently…
The Evolution Store notifying customers of payment card and info breach (UPDATED)
As submitted to the California Attorney General’s website: Evolution Nature Corp., d/b/a The Evolution Store (“Evolution”), is writing to inform you of a data incident that may affect the security of your personal information. We are unaware of any actual or attempted misuse of your personal information but are nevertheless providing notice of this incident…
VA: Richmond school officials investigate security breach involving student files
Zachary Reid reports: Richmond school officials are conducting an intensive internal investigation of student records after a School Board member shared confidential information about at least 20 students with a vendor that provides mental health services. Tichi L. Pinkney Eppes, of the 9th District, publicly apologized a day after her colleagues were told about the…
Huge Data Leak at Largest U.S. Bond Insurer
Brian Krebs writes: On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to…
Update to AT&T insider breach
Mainstream media has now caught up with the AT&T insider breach I reported on October 3. Reuters reports that 1,600 customers have been notified of the potential compromise of their information.