Boston-based Zevin Asset Management recently notified some clients of a breach that began in mid-September 2013. According to a letter dated February 13 signed by their President, Benjamin Lovell: In mid-September 2013, contrary to Zevin policies, a Zevin employee used an online services provider to host a document listing Zevin’s usernames and passwords for certain…
Category: Exposure
UK: Parking firm pulls app after dev claims: I can SEE credit card privates
Jasper Hamill reports: An automated parking firm has halted public access to its payment app after a blogger identified a serious security flaw which he claimed allowed him to see other users’ credit card information. According to Matt Cheetham, an iOS developer based in Bournemouth, the Phone and Pay app was so leaky that he could easily…
TD Bank offers UNH students credit monitoring services after e-mail security lapse (update)
TD Bank is a service provider for the University of New Hampshire. On January 16, an employee e-mailed a file containing 674 students’ names and bank account numbers to the university, but failed to e-mail them in adherence with security protocols. The recipient notified the bank immediately. The university maintains the bank account numbers of…
Massachusetts Society for the Prevention of Cruelty to Children notifies vendors after tax information exposed
The Massachusetts Society for the Prevention of Cruelty to Children joins the ranks of those who experience a mailing error that exposes vendors’ Form 1099 to others. The Form 1099 contained vendors’ names, addresses, monies earned, and Social Security numbers. In this case, some vendors received their own Form 1099 as well as a second…
UK: Councillor rapped for speaking to newspapers about data breach
Remember when documents with sensitive information on Victoria Climbié were found in abandoned council offices? Ruth McKee reports: A councillor who blew the whistle on confidential data found lying in the middle of the former Southgate Town Hall has been punished for revealing the extent of the security breach. Henry Lamprecht, ward councillor for Southgate Green…
NI Department of Justice fined for data breach
BBC reports: Northern Ireland’s Department of Justice has been fined £185,000 for auctioning off a filing cabinet that contained personal information about victims of a terrorist attack. The locked cabinet was one of 59 sold off by the Compensation Agency in 2012. When the buyer forced it open, they found it contained documents about injuries…