So TrustHCS hires Human Resource Advantage (“HR Advantage”) to provide employment resources support. HR Advantage stupidly (yes, I said stupidly) sends unencrypted employee information on a thumb drive via U.S. mail to TrustHCS. The information included names, Social Security numbers, dates of birth, bank account information, postal and email addresses, and any leave of absence…
Category: U.S.
Update: Archdiocese of Seattle data breach appears to target Oregon Catholics
KGW reports: A data breach at the Archdiocese of Seattle that led to rampant tax fraud appears to have spread to Oregon. The Archdiocese of Portland said hackers have stolen Social Security numbers from Catholic Church employees and volunteers in order to file false tax returns and claim the refund. So far, 105 Catholic Oregonians…
Update to State Bar of Nevada breach
There’s an update to the breach involving the State Bar of Nevada first reported on DataBreaches.net . Yesterday, the state bar posted a notice on their website on the News section: The State Bar of Nevada learned that criminals forced their way into a State Bar storage facility and stole some confidential records. The State Bar…
Password bug let me see shoppers’ credit cards in eBay ProStores, claims infosec bod
John Leyden reports: A serious vulnerability that potentially allowed shoplifters to empty eBay ProStores shops and swipe customer credit cards has been fixed – according to the security researcher who says he found the hole. Mark Litchfield, an infosec pro at Securatary, told us he discovered a flaw in eBay-owned ProStores that not only opened the door…
Bank drops lawsuit against Target and Trustwave
Jeremy Kirk reports that Trustmark National Bank, one of the two plaintiffs in a lawsuit filed by banks against Target and Trustwave, has filed a notice of voluntary dismissal to drop their role in the lawsuit. Because the lawsuit was dropped without prejudice, the bank may re-file the suit at some point, although I suspect…
TX: Document Shredding Company Employee Eyed in ID Theft Ring
Scott Gordon reports: A Fort Worth man who worked for a document shredding company did not destroy bank records and instead shared them with thieves, according to court documents. The number of potential victims is in the thousands and the total loss may be in the millions of dollars, a law enforcement source told NBC…