FTC Press Release: CVS Caremark has agreed to settle Federal Trade Commission charges that it failed to take reasonable and appropriate security measures to protect the sensitive financial and medical information of its customers and employees, in violation of federal law. In a separate but related agreement, the company’s pharmacy chain also has agreed to…
Category: U.S.
GSA responds to GovTrip breach (follow up)
In response to my inquiries about the incident involving the GovTrip site, the GSA replied that the incident is still under investigation and that all they could say at this time is the following: February 11, 2009, some users of GovTrip when logging on to the site were redirected to a site that delivered malicious…
NY: BCC error causes release of Social Security numbers on alumni magazine (updated)
Eric Reinagel reports: Sherry Barton’s family is already dealing with issues related to identity theft. That’s why she was irked to discover that her alma mater, Broome Community College, sent out a mailing last week with her Social Security number posted prominently on the back cover. The winter/spring 2009 alumni magazine was mailed to 28,000…
GA: Federal grand jury indicts Bulgarians on bank card skimming
Federal indictments were handed down against Nikolay Nikolov, 23, and Yordan Kavaklov, 29, both of Bulgaria, on multiple felony charges of conspiring to steal the bank card numbers and passwords of dozens of individuals through the use of a skimming device the defendants allegedly connected to ATM’s in the metro Atlanta area. […] According to…
EXCLUSIVE: GovTrip site shut down; DOT computers infected
Over on USA Today, Peter Eisler’s lead is about how more infiltrators are trying to plant malicious software they could use to control or steal sensitive data. Here’s another incident this week that mainstream media doesn’t seem to know about. Over on the FAA Follies blog, it’s been reported that the Cyber Security Management Center…
And yet even more p2p breaches
Thanks to Rian of RedTeam Protection, here are some more breaches they uncovered: An executive producer at a Manhattan based television Production Company published 2,755 documents onto the gnutella file-sharing network. Contractors of this firm were required to provide their name, date of birth, and social security number for tax purposes. The invoices with personal…