I spend a lot of time criticizing breach notifications, so it’s nice when I can occasionally point to a positive example. Without considering whether the breach could have been prevented, consider this notification letter from Nationwide Insurance, dated November 16: We want to make you aware that a portion of our computer network was criminally…
Category: U.S.
Haley: SCDOR hacking may not have been preventable
Color me stunned. In one breath, Governor Haley says that even with what is known now, there is “no way to say it could have been prevented.” Then we learn that investigators “believe that a hacker tricked someone at the Department of Revenue into opening a file that gave the hacker access to the system.”…
Couple Stole the Identities of Doctors Who Applied for Fellowships at Johns Hopkins Hospital and Patients at Highlandtown Community Health Center
Another scheme involving insider breaches comes to light in Baltimore. The U.S. Attorney’s Office in Maryland reports: Ringleader Derrick Hill, age 52, and his girlfriend Renee Cabell, age 51, both of Woodlawn, Maryland, pleaded guilty to conspiring to commit wire fraud and aggravated identity theft. According to their plea agreements, from August to October, 2009,…
Adobe investigates alleged customer data breach (updated)
Jeremy Kirk: Adobe said Wednesday it is investigating the release of 230 names, email addresses and encrypted passwords claimed to have been stolen from a company database. The information was released on Tuesday on Pastebin by a self-proclaimed Egyptian hacker named “ViruS_HimA.” The hacker, who claimed the database accessed holds more than 150,000 records, posted…
Agencywide Message to All NASA Employees: Breach of Personally Identifiable Information
SpaceRef posted a breach notification from NASA, dated today: […] On October 31, 2012, a NASA laptop and official NASA documents issued to a Headquarters employee were stolen from the employee’s locked vehicle. The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors, and others. Although the…
Chicago election site exposed personal information
John Byrne and Hal Dardick report: Chicago election board officials confirmed Tuesday that sensitive personal information for about 1,200 people was exposed online but denied allegations by a computer security firm that the breach was much broader. The firm, Forensicon, announced it uncovered the problem while researching voting patterns. It alleged that personal information of…