Craig A. Newman writes: In the most recent object lesson in a data breach privilege case, a federal appeals court has ordered a Michigan-based mortgage lender to turn over privileged forensic investigatory documents after the investigator’s conclusions were revealed in discovery. Background. In the case, Leibovic v. United Shore Financial Services, LLC, et al, No. 17-2290,…
Category: Business Sector
UK: ICO slams Carphone Warehouse with £400,000 penalty; inadequate security contributed to 2015 hack
If you’ve been following along since 2015, you may recall a breach involving Carphone Warehouse that was first disclosed in August, 2015. At the time, we were told that the hack affected 2.4 million customers’ data and about 90,000 customers’ credit cards. Fast forward to today, when the U.K.’s Information Commissioner announced that it has…
Dog-Walking App Exposed Home Addresses and Lockbox Codes
Oh good grief. You can’t even walk dogs without risking a breach of your personal information, it seems. My friend Sheila Kaplan sent this one along, as reported by Rolfe Winkler and Robert McMillan: Wag Labs Inc., the startup behind a popular dog-walking smartphone app, inadvertently exposed webpages showing customer information including addresses and lockbox codes that…
Man, 30, held over hacking attacks with ransom demands on two Hong Kong travel agencies
There’s a follow-up to a breach noted previously on this site. Clifford Lo reports: A 30-year-old Hong Kong man was arrested in connection with cyberattacks in which the computers of two travel agencies in the city were hacked and their clients’ sensitive personal information held for ransom, with payouts in bitcoin sought last week. As…
Online Shop Can’t Determine Card Breach Onset Due To “Lack of Backups”
I tweeted about this breach disclosure earlier today after Zack Whittaker called everyone’s attention to it, and I am glad to see that Catalin has written the matter up: In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could…
UK: Record fines for company, senior staff and private investigators involved in illegal trade in personal information
A firm of loss adjusters has been fined £50,000 for unlawfully disclosing personal data which had been obtained illegally by senior employees and rogue private investigators. A director and a senior member of staff at Kent-based Woodgate and Clark Ltd have also been sentenced to record financial penalties, along with the private investigators involved. The…