Bruce Kelly reports: Allstate Insurance Co. is suing Ameriprise Financial in a spat alleging Ameriprise is stealing Allstate’s confidential information by recruiting the giant insurance company’s salespeople, known as “exclusive financial specialists.” Ameriprise is allegedly encouraging the Allstate sales agents to create contact lists from customer information, use flash drives and portable electronic devices to…
Category: U.S.
Insurer’s mailing to customers made HIV status visible through envelope window
Erin Mershon reports that a mailing error by health insurer Aetna exposed sensitive information: Thousands of people with HIV received mailed letters from Aetna last month that may have disclosed their HIV status on the envelope. The letters, which Aetna said were sent to approximately 12,000 people, were meant to relay a change in pharmacy…
KS: When your incident response creates a second problem….
On August 16, Salina Family Healthcare posted a substitute notice about a ransomware incident: Salina, Kansas – August 16, 2017 – Salina Family Healthcare Center (“SFHC”) has become aware of a data security incident that may have resulted in the disclosure of personal and protected health information of our patients and payment guarantors. Although at…
Canadian accused in Yahoo hack pleads not guilty in U.S. court
Reuters reports: In his first U.S. court appearance on Wednesday, Canadian Karim Baratov pleaded not guilty to charges that he helped Russian agents in a high-profile cyber attack on Yahoo email accounts, his lawyer said. Baratov, a 22-year old Canadian citizen born in Kazakhstan, was arrested in Canada in March at the request of U.S….
Labor Department blames data breach for shutdown of employee injury reporting site
Jennifer Gollan has more on a situation previously noted on this site. Once again, the nation’s top workplace safety regulator has a message for employers: “Don’t send us your injury logs.” But rather than bureaucratic red tape, this time the online filing system is hamstrung by a data breach. The Labor Department on Wednesday temporarily…
Is The Hutchins Indictment Over Malware Unconstitutional?
Alex Berengaut of Covington & Burling analyzes some of the legal issues raised by the indictment of Marcus Hutchins (@malwaretechblog) for allegedly creating and conspiring to sell malware known as the Kronos banking trojan. He writes, in part: Since Hutchins’ indictment, commentators have questioned whether the creation and selling of malware—without actually using the malware—violates…