Robert Maxwell reports: Thousands of private financial documents were discovered sitting in a wide open community recycling dumpster on Thursday. KXAN received a ReportIt tip late Thursday morning that the dumpster was full of personal documents from a local home builder. We discovered home loans, copies of personal checks, purchase orders and site plans all on display…
Category: Business Sector
ICG America notifies customers of its companies of payment system compromise (update 2)
ICG America, which operates a family of retail and e-commerce companies that includes Amazing Clubs, Flying Noodle, MonsterBrew, Games2U, TexasIrons, and California Reds, has joined the ranks of those disclosing hacks involving customer data. In August, ICG America was alerted by a credit card company that their payment processing system appeared to have been attacked….
Data Broker Giants Hacked by ID Theft Service
Brian Krebs has a must-read investigative piece about how ssndob.ms – an underground marketplace selling oodles of usable personal information (some of which we saw earlier this year on exposed.su) – gained access to major U.S. consumer and business data aggregators to obtain some of the data they were selling. LexisNexis, Dun & Bradstreet, Kroll…
Unique Vintage notifies customers of long-running hack
We are writing to you because of an incident at Unique Vintage. On September 14, 2013 we discovered a data security incident that involved some of your personal information. Unique Vintage is Payment Card Industry Security Standards Council (“PCI”) compliant and implements the latest measures reasonably possible to protect its customers’ sensitive information. However, the very sophisticated data breach…
Breach notifications: what really happened vs. what they tell us
I’ve often pointed out how breach notification letters to those affected may omit details that consumers might want to know but breached entities probably prefer we not know. I came across another example today. Let’s start with what happened, as described by attorneys for Vector Security to the Maryland Attorney General’s Office. Vector Security provides…
Kierkegaard & Perry Labs report hack through a “known bug” in their platform
I think it would be fair to say that Kierkegaard & Perry Labs, Inc’s breach notification to Maryland in July impressed me somewhat unfavorably. KPL was reporting a hack that had compromised some customers’ names, addresses, and credit card numbers with expiration dates and CVV codes. Their investigation revealed that 8 customers’ information was acquired (not…