The Weber County Sheriff’s Office is concerned about a missing laptop from a loan officer that contains sensitive and personal information of hundreds of home owners in Utah. Deputies said the [Sun Valley Mortgage] loan officer accidently (sic) left his computer on a sidewalk instead of putting it in his car, a mistake that may…
Category: Financial Sector
Three indicted for hacking Heartland, 7-Eleven, and Hannaford; Over 130 million credit and debit card numbers stolen
An indictment [pdf] was returned today against three individuals who are charged with being responsible for five corporate data breaches, including the single largest reported data breach in U.S. history, announced Acting U.S. Attorney Ralph J. Marra, Jr., along with Assistant Attorney General of the Criminal Division Lanny A. Breuer and United States Secret Service…
More on the AmEx breach or is that breaches???
Now that they’ve released the names of those arrested, it’s still unclear to me whether this is a second recent breach involving an employee or if these people were part of the some ring where an arrest of another individual who was an AmEx employee was made last month. Vindy.com reports: Cases against five people…
Wells Fargo employee accused of accessing customers’ accounts
A Wells Fargo Bank employee working inside a bank call center was arrested Friday for accessing customer accounts and taking money out, according to the U.S. Attorney’s office. Ronita Prasad, 28, of Antelope gained access to customer accounts through a protected system without authorization. She used customer account access to pay her own debts, open…
Amex cardholders’ data stolen by employee
A lot of sites are posting a news story with almost no details involving American Express. From what I read elsewhere about the notification, this is likely the incident that was reported here last month.
An open letter to Heartland CEO Robert Carr
Rich Mogull of Securosis joins Mike Rothman in taking Heartland Payment Systems CEO Bob Carr to task for his comments that seemed to shift responsibility for the breach to the assessors who told them they were PCI-compliant: […] PCI compliance means you are compliant at a point in time, not secure for an indefinite future….