Brian Krebs reports: Nationwide beauty products chain Sally Beauty appears to be the latest victim of a breach targeting their payment systems in stores, according to both sources in the banking industry and new raw data from underground cybercrime shops that traffic in stolen credit and debit cards. On March 2, a fresh batch of 282,000 stolen…
Category: Business Sector
Assisted Living Concepts notifying over 43,000 employees after hack of payroll database at vendor’s (update3)
Chicago-based Assisted Living Concepts, LLC and its subsidiaries own and/or operate 200 assisted living facilities in 20 states. ALC uses an external vendor to process its payroll for its employees. On February 14, the vendor notified ALC that they had detected unauthorized access to ALC’s payroll database. Investigation revealed that ALC’s login credentials had been…
UK: Admiral remaining vigilant after Aviva data breach
Katie Marriner reports an update to the Aviva insider data leak case: Admiral has said it is actively working with claims teams to mitigate the risk of a potential data breach after Aviva sacked two employees for giving customer data to claims farming companies. The Insurance Fraud Enforcement Department confirmed last month that two men were…
Thermo Fisher Scientific notifies employees after laptop with their SSN is stolen
Thermo Fisher Scientific is notifying 93 employees that their unencrypted names and Social Security numbers were on a laptop stolen from an employee in Boston on December 23. The firm learned of the breach on January 4. Those affected are being offered a year of free credit monitoring with EquiFax’s Credit Watch Gold service. You…
EMC notifying some employees after vendor error disclosed their names and SSNs to unauthorized parties
EMC is notifying employees after an unnamed vendor’s employee mistakenly sent out an Excel file with their personal information to parties not authorized to have their personal information. The error, which occurred on January 7, occurred because a quick glance at the file did not reveal the hidden fields containing their names, SSN, and old…
Thieves Jam Up Smucker’s, Card Processor (update 1)
Brian Krebs reports: Jam and jelly maker Smucker’s last week shuttered its online store, notifying visitors that the site was being retooled because of a security breach that jeopardized customers’ credit card data. Closer examination of the attack suggests that the company was but one of several dozen firms — including at least one credit card processor — hacked…