A laptop stolen during a burglary of a PSEG employee’s home on September 25 contained employees’ names and Social Security numbers. According to a letter sent to the New Hampshire Attorney General’s Office on October 7, the New Jersey electricity and gas company intended to notify affected employees on or about October 10. The letter…
Category: Business Sector
Lord of the Rings Online forum database hacked
Announcement on Lord of the Rings Online Forum: Turbine recommend that all players change their passwords by visiting https://myaccount.turbine.com. Please remember to use unique, hard-to guess passwords that are not associated with other online services or sites. The FAQ on the incident, undated, says that, “Recently, we became aware of a compromise of the LOTRO…
AdvancePierre Foods sends unencrypted employee 401k data on flash drive that gets lost in the mail
Through their attorneys, AdvancePierre Foods recently notified the New Hampshire Attorney General’s Office that a flash drive containing unencrypted personal information of its employees had been lost in the U.S. mail. The October 6 letter indicated that on September 8, the firm had sent the flash drive to its 401k provider, Milliman. The envelope arrived on…
Team Swastika group hacks 10,000 global Facebook account details – or did they?
Phil Muncaster reports: Security experts are warning web users to ensure they use strong passwords and vary their credentials from site to site after a new hacking group published log-in details of what it claimed to be more than 10,000 Facebook users. Trend Micro’s director of security research, Rik Ferguson, explained in a blog post that the…
AU: First State Superannuation fails to adequately secure online accounts, then threatens the security researcher?
First, let’s start with the breach, as reported by Darren Pauli on SC Magazine: A security researcher was questioned by NSW Police after quietly reporting a massive security gaffe to First State Superannuation that potentially exposed millions of customer accounts. Patrick Webster found he was able to access electronic superannuation notices of any customer by…
SEC guidance about coming clean about data breaches
Emma Woollacott reports: The Securities and Exchange Commission (SEC) has ordered companies to disclose security breaches, following a year in which several organizations have been criticized for revealing details late, if at all. “Cyber incidents may result in losses from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and…