On September 23, I reported on an unencrypted backup drive stolen from an accounting firm employee’s vehicle: A Maryland accounting firm had to notify 2,906 Maryland residents after an unencrypted backup drive was stolen from an employee’s car at his home. The theft occurred on August 4, but Clark & Anderson, P.A. didn’t learn of it…
Category: U.S.
Washington University in St. Louis notifies business partners after laptop with unencrypted PII stolen
Through its lawyers, Washington University in St. Louis notified the Maryland Attorney General’s Office of a breach that occurred on September 12: On September 13, 2013, our client, Washington University, learned that an unencrypted laptop computer issued to a Washington University employee had been stolen from the Washington, DC office of the Danforth Center for Religion and…
Cruises Inc. notifies customers after booking system accessed by compromised login credentials
Back in August, I reported: Smartphone Experts discovered that the system used for customer payments for online shopping had been hacked. Although stored customer data were encrypted, Diana Kingree, the Senior Vice President of Commerce, noted that the hacker may have been able to use a decryption feature of the system to view customers’ names, addresses, credit or…
Travelocity notifies customers after service providers’ employees misuse customer data
On November 22, Travelocity notified the Maryland Attorney General’s Office of a breach they first learned about on February 21. According to their letter, on that date they discovered that “over the previous several months, several employees of a Travelocity service provider had misused certain information to which they had access as part of performing…
TechMedia Network to start notifying customers of hack involving credit card data (updated)
Oops? TechMedia Network will be sending out letters on December 23 that begin: We are writing to inform you of an incident that may have involved your personal information. On November 20, 2013, Techmedia Network detected an unauthorized intrusion into its systems that may have allowed access to your name, mailing address, email address, phone…
Web host Mannix Marketing hacked; Saratoga Sweets notifies clients (update1)
Saratoga Sweets is notifying customers about a hack of their web host’s server. They first learned of the hack on November 25. In a letter dated December 13, Michael Fitzgerald, Sr. writes that an unauthorized person was able to access the server containing customers’ names, addresses, phone numbers, credit card numbers, and CCV numbers. Forensic…