After a lull in security incidents following a string of breaches between 2006 and 2008, Pharmaceutical giant Pfizer recently reported another security incident. According to a notification (pdf) filed by their attorneys, a Pfizer employee “inadvertently left a backup hard drive in a box that was discarded in the trash on March 26, 2009. Because…
Category: Business Sector
Newton Manufacturing discovers hackers acquired customer data in repeated intrusions
In what was likely a nasty shock for Iowa-based Newton Manufacturing, Jnc., a recent security audit revealed that the company’s databases had been breached in September 2008, October 2008, and February 2009. Hackers apparently accessed and acquired customers’ personal information including names, addresses, and Social Security numbers. According to a notification (pdf) filed by the…
Most of Hannaford breach lawsuit tossed out by judge
Trevor Maxwell of The Portland Press Herald reports that Judge D. Brock Hornby of the U.S. District Court in Maine has dismissed nearly all of the claims filed again Hannaford Bros. for the massive breach they suffered in 2007 and early 2008. Only consumers who were not reimbursed by their banks for fraudulent charges on…
Pointer: European Parliament Adopts Position on Data Breach Notification Requirement for Telecoms and ISPs
The Privacy and Security Law Blog has a nice article by Hunton & Williams LLP on the new European Parliament position on data breach notification requirement for telecoms and ISPs. As the authors note, “For the first time in EU law the amendments [to the e-Privacy Directive] introduce a definition of “personal data breach” and…
Deja vu all over again: Another Continental Airlines laptop stolen
Continental Airlines, which reported a laptop stolen from their Newark office earlier this year found themselves again in the unenviable position of notifying employees of yet a second stolen laptop. On March 30, a laptop was stolen that contained employee information such as name, Social Security number, Continental ID number, position title, and contact address….
TN: Improper records disposal leads to notification of clients
State Farm Insurance reported (pdf) that when they discovered that an employee of a Tennessee agent had improperly disposed of trash containing customer information, they decided to notify all customers of the Tennessee agent. They report that as a consequence of the incident, the agent changed their procedures to use a secured waste container in…