Datapak Services Corporation, an order fulfillment and payment processor based in Swanee, Georgia, recently learned that malware placed on their system on March 5 may have compromised the credit card information of customers of “several” e-commerce web sites. In a letter dated October 3, they note that customers’ names, addresses, and card numbers with expiration…
Category: Financial Sector
Kiwibank apologizes after privacy breach
Nicholas McBride of the Greymouth Star reports: Kiwibank has apologised to all customers affected by a privacy breach at the Greymouth branch. An envelope full of confidential documents was handed to a member of the public when they went into the Post Shop office last month. The individual took it home and opened it, unaware…
MO: R.T. Jones Capital Equities Management, Inc. informs clients’ employees of breach
On July 26, 2013, R.T. Jones Capital Equities Management, Inc. learned of the possibility that the unnamed web hosting facility that hosts its website was the subject of a cyber-attack that occurred on July 22, 2013. Although their investigations are ongoing, on August 7, 2013 the forensic experts hired by the firm confirmed that the attack could result in the…
Some TD Bank customers’ information sent to other customers
Jennifer Gannon reports Some customers of TD Bank had their information sent to other customers because of what the bank called a vendor error. TD Bank said a national firm responsible for printing and mailing statements accidentally sent some customers statements that had other customers’ information on the back. Stephania Pearce was balancing her checkbook…
Barclays employee fined £3k for illegally accessing customer data
Matthew Finnegan reports: A Barclays Bank employee has received a fine of £3,360 for illegally accessing customer data. Jennifer Addo, 27, was prosecuted under section 55 of the Data Protection Act for 23 offences, including passing on details of a customer’s children. The bank was initially alerted when the customer contacted the bank to report…
Jala Transport, a small money-lending business, fined £5,000 by ICO after theft of unencrypted hard drive with customer data
The Information Commissioner’s Office (ICO) has served a monetary penalty notice on Jala Transport, a small money-lending business, after the theft of an unencrypted portable hard drive containing its customer database. The firm was regulated by the Financial Services Authority (FSA) at the time of the incident. According to the notice, on August 3, 2012,…