TD Bank isn’t the only financial sector entity dealing with missing backup tapes these days. Vermont-based VSECU sent out notification letters yesterday after two unencrypted backup tapes created on August 27th were discovered missing on September 10. The tapes contained names, addresses, Social Security numbers, driver’s license numbers, financial account information, and transaction records. The credit union…
Category: U.S.
Barnes & Noble discloses breach involving pin pads at dozens of stores (update2)
Remember when Michael’s Stores found that pin pads in some stores had been replaced? It looks like the same thing has happened to bookseller Barnes & Noble’s brick and mortar stores. According to the New York Times, the firm discovered the breach on September 14. As of now, it appears that pads at 63 stores…
Service Sells Access to Fortune 500 Firms
More great investigative reporting from Brian Krebs: An increasing number of services offered in the cybercrime underground allow miscreants to purchase access to hacked computers at specific organizations. For just a few dollars, these services offer the ability to buy your way inside of Fortune 500 company networks. The service I examined for this post…
OH: Aultman gift shop credit security breached
Some class act was able to acquire customers’ credit and debit cards used at Aultman Hospital’s gift shop between February and September. Read about it on CantonRep.com.
St. Scholastica hack sheds light on Macalester IT security
Emma WestRasmus reports: “What was the name of your first pet? What’s your favorite color? What’s your mother’s maiden name?” We all know the drill. Whenever we start a new account we are prompted for answers to challenge questions that will surely be easy to remember. But for more than two dozen students at the…
Southern Environmental Law Center hacked
CBS in Birmingham, Alabama reports a breach involving the Southern Environmental Law Center. The station reports that credit card information, medical information and donor information were acquired and dumped on the Internet, although at the time of this posting, I’m not seeing any data dumps. Personal details also reportedly include addresses, phone, numbers, and client…