Six hundred and eighty-three Maryland residents who are alumni of the Baltimore School of Massage (BSOM) and Baltimore School of Massage’s Steiner Institute of Esthetics are being offered three years of free credit monitoring, identity protection, and identity theft restoration services following on email error that exposed their information. On June 17, an employee accidentally…
Category: U.S.
FERPA does not require data breach disclosure
Over on PogoWasRight.org, I’ve recapped the U.S. Education Department’s responses to privacy complaints filed by parent and students under the Family Educational Rights and Privacy Act (FERPA). In going through the data provided to EPIC in response to their Freedom of Information Act request, I noted that in a few cases, the Family Policy Compliance…
Aloha point-of-sale terminal, sold on eBay, yields security surprises
Breaches involving point of sale (POS) systems in retail stores and the hospitality sector are all-too-common, and Aloha POS has been mentioned on this blog in some past breaches. Now Jeremy Kirk reports: Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal — a brand of computerized cash register…
Ex-Wheaton worker gets 7 years in identity theft case
Sarah Maslin reports: Janice M. Nieman stole the identities of more people than could fit in Milwaukee County Circuit Judge Glenn Yamahiro’s courtroom on Friday. The total: 848, the largest number of victims in a single defendant case in Milwaukee County history. For embezzling more than $1 million from Wheaton Franciscan Services, a not-for-profit health…
DEI notifies clients after third party web host notifies them of two breaches
Dennis East International (DEI) reports that its website, which is hosted by Omeganet of Georgia (a/k/a/ CAMEO EZ) experienced two recent security breaches. The first incident affects some customers (who are all retailers) who placed orders on DEI’s website between June 1 and June 13 of this year. Omeganet informed DEI that some customers may…
NC: Checks with Buncombe school employee information stolen
Julie Ball reports: Buncombe County school officials have alerted more than 170 employees after an envelope containing checks with their names and Social Security numbers was stolen and some of the checks were cashed. The checks were mailed in March to ING, the financial services company, as contributions to supplemental retirement plans. Some employees contribute…