While I’ve been busy tracking W-2 phishing scams, let’s not lose sight of the fact that there are other ways for criminals to obtain W-2 or tax information, and that human error continues to turn assets into low-hanging fruit. Interpreters Unlimited recently notified the Vermont Attorney General’s Office that the contents of an employee’s backup device were…
Category: U.S.
Lane Community College notifies health clinic patients of potential breach
Dylan Darling reports: A virus-infected computer at the Lane Community College health clinic may have relayed patient information — names, addresses, Social Security numbers and more — to an unknown third party for more than a year, the college said Friday. LCC said it has sent letters warning 2,500 patients whose information may have been…
Neiman Marcus to settle long-running data breach litigation for $1.6m?
Law360 reports: Neiman Marcus has agreed to pay $1.6 million to resolve a data breach class action in Illinois federal court over a December 2013 cyber intrusion that revealed the credit card data of 350,000 shoppers of the luxury retailer, according to a court document filed Friday. Read more on Law360 if you have a…
Google Points to Another POS Vendor Breach – Krebs
Brian Krebs reports: For the second time in the past nine months, Google has inadvertently but nonetheless correctly helped to identify the source of a large credit card breach — by assigning a “This site may be hacked” warning beneath the search results for the Web site of a victimized merchant. A little over a…
Affiliated Santé Group learned that patient info was exposed on GitHub for years
So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…
Missouri sheriff’s office leaked audio of police informants and victims after ransomware attack
Dell Cameron reports: A data breach at a Missouri law enforcement agency in January left thousands of sensitive records exposed online, including jail incident reports, arrest records, and more. Security researchers who discovered the breach at the Warren County Sheriff’s Department say the leaked backup files—numbering in the hundreds of gigabytes—also include multiple audio recordings…