In September, I posted Global Payments’ statement from their quarterly filing that dealt with the costs of a breach disclosed in March 2012. BankInfoSecurity.com has just reported on their most recent filing. Whereas last year, Global Payments estimated the cost of the breach at about $84 million, their current 10-Q filing puts the cost of the…
Category: Business Sector
Cops Suspect Up to 300 Counts of Fraud In KTSU DJ Case
William Michael Smith and Steve Jansen report: A TSU DJ has been arrested in an alleged pledge-drive scam, a local TV watchdog reporter said late Wednesday. According to a tweet from Fox 26 reporter Isiah Carey late this afternoon, KTSU radio volunteer Michael Whitfield was arrested earlier in the day and could face up to 300…
Hit with extortion demand after job applicants’ data hacked, Drake International refuses to pay
Christine Dobby reports: Drake International, the Canadian-based job placement firm, confirmed Wednesday that it has been the victim of a hacking scheme by a group seeking to extort payment in exchange for not releasing the personal information of people who have used Drake’s services. […] The hackers that contacted Drake on Monday, made their threats…
Follow-up: Dun & Bradstreet Unit Fined, Former Employees Sentenced
The Shanghai Roadway Dun & Bradstreet Marketing Services Co. Ltd breach currently holds the unenviable distinction of being the largest recorded breach in DataLossDB’s database. In March 2012, we learned that law enforcement was investigating whether the company had illegally collected and sold 150,000,000 people’s information. Dun & Bradstreet responded by suspending its Chinese service…
Some reputation hits are deserved
Access Securepak explains its service as a “program designed to allow family members and friends to send packages to inmates.” On Monday, their parent corporation, Centric Group, notified the California Attorney General’s Office of a breach that may have started back in August 2010 but was only recently discovered. The irony of a company name that…
When is “an excess of caution” not excessive?
Over on DataLossDB.org, I was entering a security breach notification sent by Atlanta-based Oldcastle APG, Inc. They had informed the New Hampshire Attorney General’s Office that a laptop containing over 5,000 employees’ names, Social Security numbers, and bank account information had been stolen from an employee’s car. As required by the state. they had attached a…