California’s Department of Resources Recycling and Recovery (CalRecycle), which is under the Department of Environmental Protection, is notifying employees of a recent breach involving Social Security numbers. The text of the letter to employees, which has been uploaded to the California Attorney General’s public breach list, explains: On January 23, 2014, the Human Resources Office…
Category: Exposure
Blue Shield of California notifies agents that their SSN was exposed
Blue Shield of California is notifying some agents that their Tax Identification Numbers – which are often the agents’ Social Security Numbers – were accidentally disclosed to some of the agents’ clients who attempted to pay their bills online. In a letter dated today, BSC writes that the problem with SSN exposure existed between December…
AU: Asylum seekers’ identities revealed in Immigration Department data lapse
Oliver Laughland, Paul Farrell and Asher Wolf report: The personal details of a third of all asylum seekers held in Australia – almost 10,000 adults and children – have been inadvertently released by the Department of Immigration and Border Protection in one of the most serious privacy breaches in Australia’s history. A vast database containing…
Zevin Asset Management notifies clients after employee who violated company policy inadvertently exposed personal and financial information
Boston-based Zevin Asset Management recently notified some clients of a breach that began in mid-September 2013. According to a letter dated February 13 signed by their President, Benjamin Lovell: In mid-September 2013, contrary to Zevin policies, a Zevin employee used an online services provider to host a document listing Zevin’s usernames and passwords for certain…
UK: Parking firm pulls app after dev claims: I can SEE credit card privates
Jasper Hamill reports: An automated parking firm has halted public access to its payment app after a blogger identified a serious security flaw which he claimed allowed him to see other users’ credit card information. According to Matt Cheetham, an iOS developer based in Bournemouth, the Phone and Pay app was so leaky that he could easily…
TD Bank offers UNH students credit monitoring services after e-mail security lapse (update)
TD Bank is a service provider for the University of New Hampshire. On January 16, an employee e-mailed a file containing 674 students’ names and bank account numbers to the university, but failed to e-mail them in adherence with security protocols. The recipient notified the bank immediately. The university maintains the bank account numbers of…