The Dezonia Group handles billing people for the Chicago Fire Department’s ambulance service. Dana Koslov of CBS in Chicago reports that the contractor reported that an employee’s laptop stolen six weeks ago contained the names, addresses, and Social Security numbers of thousands of people who used the ambulance service in the past two years. Update…
Category: Business Sector
Nature security breach prompts password reset
John Leyden of The Register reports: The website of science journal Nature has suffered a security breach that resulted in the potential exposure of users’ login credentials. The login credentials were stored in an encrypted form, making them hard to extract. But Nature.com has still opted to reset the passwords of affected users, as a…
Bits ‘n Pieces
In the justice system: A string of identity thefts spanning seven states has resulted in the arrest of two suspects in Wisconsin. More. As a follow-up to a story reported previously, Scottsdale police arrested nine people who allegedly ran an ID theft ring that involved stealing customer data from local businesses including the Henry Brown…
Sprint: Employee Stole Customer Data (updated)
Brian Krebs of Security Fix reports that Sprint sent letters to several thousand customers to inform them that a former employee sold or otherwise provided their account data without permission between December 2008 and January 2009. Updated Apr. 1: Sprint’s notification (pdf) to the NH Attorney General is now available online.
BT rebuts vulnerability claims
(This is a follow-up to a story reported here). Today, John Leyden of The Register reports that BT.com claims that the flaws HackersBlog reported only involved test systems and that no customer data were at risk. Whether BT’s statement was issued before or after HackersBlog published more about the alleged vulnerability and databases they were…
Pentel online store hacked; customer credit card data accessed
Pentel customers who ordered online at www.pentelstore.com were recently notified that hackers accessed their personal information and credit card information. By letter dated March 3 to the New Hampshire Attorney General, the pen manufacturer reported (pdf) that on January 20, its web maintainer and server host notified them that between December 11, 2008, and January…