An e-mail gaffe by a Support Center employee Ruby Tuesday exposed current employees’ information to a former employee. The spreadsheet, inadvertently attached to the July 8 e-mail, contained employees’ names, Social Security numbers, bank name, bank account type, bank account numbers and routing numbers. Ruby Tuesday immediately tried to recall the e-mail, and contacted the recipient…
Category: Exposure
Man who tries to report breach to Sears finds himself talking to someone in India?
Here we go again. It’s bad enough to have an easily avoidable breach. It’s worse when you make it difficult for people to report it to you. Today’s entry in this Hall of Shame is Sears. Nesita Kwan reports personal information of hundreds of former Sears employees, including their Social Security numbers, photos, records with…
Employees of five client firms notified by Fidelity Investments that their data were exposed to the wrong parties
Fidelity Investments has reported a number of breaches this year, all involving exposure of information to the wrong people: On June 17, Fidelity notified the NH Attorney General’s Office that information (names and Social Security numbers) of Apria Healthcare plan members was accidentally included in a secure email sent to three employees of another client…
US Airways notifies employees of breach, but why the delay?
On July 18, US Airways sent some of its employees a letter informing them that, due to an error by Automatic Data Processing (ADP), their W-2 information was downloadable online by fellow employees. US Airways had been made aware of the problem on June 6, but offered no explanation as to why it took them…
Wesley College mistakenly posts private student records online
Nichole Dobo reports: Wesley College published more than a dozen records online that revealed the test scores, grades and written critiques of more than 100 students. The Dover-based private college was not the victim of someone hacking into its system. Instead, the records were posted in 2011 by someone at the school in a folder…
Staff data leaks out of the SEC
Peter Schroeder reports: A serious data breach at the Securities and Exchange Commission transferred personal data about current and former employees into the computer system of another federal agency, a letter sent by the SEC to staff reveals. The July 8 letter, obtained by The Hill, is from Thomas Bayer, the SEC’s chief information officer…