Chris Doucette reports: Thousands of slips of paper with personal information of past guests from around the world were found blowing in the wind in an alley behind a downtown hotel Friday morning. And many of the old documents, found around 7:30 a.m. scattered next to a dumpster behind the Best Western Primrose at Carlton…
Category: Exposure
Illinois AG sues Payday Loan Store over improper disposal of customer data
Attorney General Lisa Madigan today filed a lawsuit in Cook County Circuit Court against The Payday Loan Store of Illinois, Inc. (PLS), for allegedly failing to safeguard customer data as promised. The Attorney General filed the suit after learning that documents containing customers’ personal information had turned up in trash bins outside four store locations….
A puzzling USAA Federal Savings Bank breach report and 10 more reports
Here are another 11 breach notifications submitted to the Maryland Attorney General’s Office. These were filed in May and June, and in all but one case, we didn’t know about them through the media or other sources. A breach involving USAA Federal Savings Bank had previously been noted on this site, but there’s more to…
Error by Veterans Affairs vendor exposed 3,936 veterans’ SSN in mailing
In its most recent report to Congress, the Veterans Affairs Department reported that on August 25, 6,299 out of the 69,366 “Benefit Summary” letters intended for veterans and non-veterans in Massachusetts were mailed to incorrect addresses. The letters contained the veterans’ and non-veterans’ benefit information including their claim number, which, in some instances, was the…
UK doctors’ personal data found on used hard drive sold online
There have been many instances in the U.S. of personal data showing up on equipment sold at online and offline auctions. Once such case in the U.K. involved doctors’ data and the company responsible for the data, Healthcare Locums Plc (HCL), a UK specialist healthcare recruitment agency, has now been found in breach of the Data Protection Act…
Encryption didn’t prevent this breach
A report to the Maryland Attorney General’s Office from ING gave me pause because I don’t remember ever seeing a security issue like this before in a breach report. In their notification, ING writes (emphasis added by me): ReliaStar Life Insurance Company (RLIC) is responsible for premium administration for RLIC insurance products purchased by employees of…