Back in June 2011, I noted a breach involving Citibank (previous coverage here and here). There’s now a follow-up to that breach: Citibank N.A. will pay $55,000 to the state of Connecticut and will obtain a third-party data security audit of its online credit card account system under a settlement filed in court today, Attorney…
Category: Hack
Midwest Supplies to send breach notification letters to online customers following hack (Update 2)
It seems that homebrewing supplier Midwest Supplies, LLC of Minnesota had a security breach on June 13 that they discovered on July 19. Letters should be going out within a few days to those affected. In a letter dated August 31 that has been submitted to the California Attorney General’s Office, David Kidd, President of…
Other recent breaches that flew under the media radar
State web sites that post breach reports often reveal breaches we didn’t learn about via media coverage. Here are five that I learned about in the past few days: Republic Services reported that a laptop stolen from an employee’s home contained current and former employees’ names and Social Security numbers. The theft occurred in Maricopa…
Symantec Dodges Norton Software User’s Data Breach Suit
Juan Carlos Rodriguez of Law360 reports that the plaintiff in Haskins v. Symantec didn’t fare well: A California federal judge on Friday tossed a proposed class action accusing Symantec Corp. of hiding a data breach in which hackers stole source code for its Norton anti-virus software, finding the complaint did not properly name all the products…
Payment processing services provider reportedly breached in January, details scarce
Discover and American Express often submit copies of their breach notification letters to cardmembers to state attorneys general. Their letters, however, generally do not include the name of a breached merchant, so it is often difficult to know what to make of their submissions. But one particular American Express notification, submitted to California last week, caught…
United Shore Financial and Shore Mortgage report hacks involving client financial information
Back on March 20, United Shore Financial Services, LLC notified the New Hampshire Attorney General’s Office that they had experienced an intrusion into a server containing mortgage applicants’ names, contact information, dates of birth, drivers’ license numbers, Social Security numbers, and financial information. The letter did not specify whether the server was their own server…