Just to follow-up on previously reported breaches: The leader of a ring of waiters who copied customer credit cards at New York steakhouses including Smith & Wollensky and the Capital Grille so accomplices could buy luxury goods was ordered to go to prison for as long as 13 1/2 years. Luis “Damian” Jacas, 42, oversaw…
Category: Business Sector
Does a presidential executive order on cybersecurity get a hotel chain off the FTC hook for its breaches?
I occasionally check the docket for FTC’s lawsuit against Wyndham over the multiple breaches they experienced. A story in my news reader today about how Ben Rothke of Wyndham Worldwide gave a talk on “The five habits of highly secure organizations” struck me as somewhat ironic, and I decided to see where the lawsuit stood. Of…
NC DHHS contractor’s missing drive held over 50,000 medical providers’ names, dates of birth, and Social Security numbers
Yesterday, the North Carolina Department of Health & Human Services (DHHS) disclosed that a flash drive with information on over 50,000 medical providers who are excluded from participating in federal healthcare programs had been misplaced or lost by its contractor, Computer Sciences Corporation (CSC). The provider information included names, addresses, dates of birth, and Social…
Genesco takes VISA to court over data breach (updated)
Back in January, there were reports that Genesco might sue card issuers over their response to the firm’s malware breach in 2010. Now dmarsteller reports that Genesco has, indeed, sued VISA. The lawsuit was filed Thursday in Nashville. dmarsteller explains: VISA later fined Fifth Third Bank and Wells Fargo $5,000 each and levied another $13.3…
LinkedIn Wins Dismissal of Privacy Lawsuit in California
Joel Rosenblatt reports: LinkedIn Corp. (LNKD), the biggest online professional-networking service, won dismissal of a lawsuit claiming it failed to follow industry standards and its own promises in encrypting user password information. The lawsuit, filed last year in federal court in San Jose, California, followed the company’s website being hacked and 6.5 million member passwords being posted…
Is Kively.com revealing user info?
On February 7, a site reader alerted me to a possible problem over on Kively.com: Look at the description directory – it reveals all the PII when there is some in the descriptor. After looking at the description directory, I found myself wondering about whether some of the entries were, in fact, disclosing some PII. Instead…