More details are available about the Department of Energy hack that occurred in July. Mathew J. Schwartz reports: According to an email sent to all DOE employees on Aug. 29, information on 2,532 current employees, 3,172 former employees and seven employees on leave was stolen in the breach, which occurred in July. At the time, DOE…
Category: Hack
Attorney General Jepsen Reaches Settlement with Citibank on Online Credit Card System Security
Back in June 2011, I noted a breach involving Citibank (previous coverage here and here). There’s now a follow-up to that breach: Citibank N.A. will pay $55,000 to the state of Connecticut and will obtain a third-party data security audit of its online credit card account system under a settlement filed in court today, Attorney…
Midwest Supplies to send breach notification letters to online customers following hack (Update 2)
It seems that homebrewing supplier Midwest Supplies, LLC of Minnesota had a security breach on June 13 that they discovered on July 19. Letters should be going out within a few days to those affected. In a letter dated August 31 that has been submitted to the California Attorney General’s Office, David Kidd, President of…
Other recent breaches that flew under the media radar
State web sites that post breach reports often reveal breaches we didn’t learn about via media coverage. Here are five that I learned about in the past few days: Republic Services reported that a laptop stolen from an employee’s home contained current and former employees’ names and Social Security numbers. The theft occurred in Maricopa…
Symantec Dodges Norton Software User’s Data Breach Suit
Juan Carlos Rodriguez of Law360 reports that the plaintiff in Haskins v. Symantec didn’t fare well: A California federal judge on Friday tossed a proposed class action accusing Symantec Corp. of hiding a data breach in which hackers stole source code for its Norton anti-virus software, finding the complaint did not properly name all the products…
Payment processing services provider reportedly breached in January, details scarce
Discover and American Express often submit copies of their breach notification letters to cardmembers to state attorneys general. Their letters, however, generally do not include the name of a breached merchant, so it is often difficult to know what to make of their submissions. But one particular American Express notification, submitted to California last week, caught…