T. Rees Shapiro reports that Fairfax County School District has had yet another breach involving student data: Personal information for hundreds of Fairfax County public school students was mistakenly posted on the school system’s Web site, exposing their school identification numbers, birth dates, home addresses and phone numbers in what parents described as a breach…
Category: U.S.
Provider of Medical Transcript Services Settles FTC Charges That It Failed to Adequately Protect Consumers’ Personal Information
Press release from the FTC, followed by my comments: A company that provides medical transcription services has agreed to settle Federal Trade Commission charges that its inadequate data security measures unfairly exposed the personal information of thousands of consumers on the open Internet, in some instances including consumers’ medical histories and examination notes. In its complaint…
Hello Muddah, Hello Faddah: Campers’ information stolen by camp employee
Nathan Brown reports that a Town of Rosendale man (in upstate New York) has been charged with selling the personal information of campers and their parents at Camp Rov Tov, Rov Tov is a boys’ camp affiliated with a Satmar Jewish school in Brooklyn; they have camps in Dairyland, Kerhonkson, Napanoch and Ellenville in Ulster…
TD Bank reports another insider breach
TD Bank has notified the New Hampshire Attorney General’s Office of an insider breach that does not appear to be the insider breach that made the media last month. According to the bank’s January 24 notification, between July and November of 2013, an employee may have passed along some customers’ names, addresses, Social Security numbers,…
Dartmouth-Hitchcock notifies employees that direct deposit account info compromised by breach
Dartmouth-Hitchcock has notified some employees that their names and direct deposit bank account information were compromised after some employees fell for a phishing attempt. In a letter dated January 20, D-H informed the New Hampshire Attorney General’s Office that the unauthorized access to the Employee Self Service Direct Deposit Payment System occurred between October 6…
Aflac discloses insider breach involving customers’ Social Security numbers (updated)
The Continental American Insurance Company (Aflac) is notifying some customers that a former temporary employee improperly accessed customer data, including names and Social Security numbers. Although the firm has no indication of any misuse of the data, affected customers are being offered a year of free credit-monitoring services through ProtectMyID. You can read the January…