Perry Chiaramonte reports: The private information of thousands of California firearms instructors was accidentally released by the state late last year in response to a journalist’s Freedom of Information request. The data request was made in August, when a reporter for Southern California Public Radio (KPCC), an NPR affiliate, sought all information on Firearms Safety…
Category: U.S.
POPEYES discloses payment card breach that began in May, 2016; 10 locations affected
From their press release: CCC Restaurant Enterprises, LLC, doing business as POPEYES, today announced that a recent data security incident may have compromised the security of payment information of some customers who used debit or credit cards at certain CCC Restaurant locations for certain timeframes between May 5, 2016 and August 18, 2016. We have investigated and contained…
OCR settles charges against MAPFRE Life Insurance for $2.2 million
As breaches go, the theft of a USB drive with ePHI on 2,209 insurance members doesn’t sound like a lot, but The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced a settlement with MAPFRE Life Insurance Company of Puerto Rico because of what they found when they investigated the breach…
Bitcoin exchange employee pleads guilty in U.S. case tied to hacking
Nate Raymond reports: A Florida man pleaded guilty on Tuesday to charges stemming from his employment with an unlicensed bitcoin exchange that prosecutors say was owned by an Israeli who oversaw a massive scheme to hack companies including JPMorgan Chase & Co. Ricardo Hill, 38, entered his plea in Manhattan federal court to seven counts,…
Fired IT employee offered to unlock data — for $200,000
I think a study I saw recently said about 69% of entities reported data loss or breaches associated with departing employees. Vic Ryckaert reminds us what can happen if you don’t have control of all administrator credentials before you terminate an employee: Indianapolis-based American College of Education fired its information technology employee last year, according to court documents, but…
Sentara notifies 5000+ patients after breach at vendor
WAVY reports: A cyber security breach at a third party vendor for Sentara Healthcare has compromised the records of over 5,000 patients. The incident involves 5,454 vascular and thoracic patients seen between 2012 and 2015 at Sentara hospitals in Virginia. Read more on WAVY. The vendor was not named, nor were many details about the nature of the…