Update 1: March 9, 2014: Added some other incidents that were reported to NYS in 2012 and early 2013. These additions are underlined for your convenience. In the process of reviewing other materials, I have also identified two other banks that have recurring reports of insider wrongdoing. Eventually, I will write up my findings on…
Category: Insider
Jail time for university hacker who changed his grades to straight As
John Hawes reports: A former student of Purdue University in Indiana has been sentenced to 90 days in jail for his part in hacking into college computer systems and changing grades. Roy C. Sun is one of three former Purdue students thought to have been involved in the incident, which occurred between 2008 and 2010 when they…
VALIC notifying customers of breach in 2007 (updated)
The Variable Annuity Life Insurance Company (VALIC) is notifying customers of what appears to be an old security lapse. In a letter template submitted yesterday to the California Attorney General, the firm writes: It recently came to our attention that a financial advisor formerly associated with VALIC was in possession of information relating to some of…
More details emerge on 80sTees breach disclosed in 2013
Back in April 2013, 80sTees (80sTees.com) notified a number of state attorneys general that their customer payment card data had been compromised. According to reports to New Hampshire, Vermont, Maryland, and California: on January 29, 2013, the Pennsylvania-headquartered firm was asked by Discover to examine their system after suspicious charges were noted on customers’ cards following purchases…
Probe confirms Karachi Stock Exchange insider security breach; many fired, put on Exit Control List
Imdad Soomro reports: A detailed probe by a professional firm has confirmed that the security system of Karachi Stock Exchange (KSE) was breached through unauthorised access, a fact that was revealed by two whistleblowers of KSE, who have also been identified. The report finalised in December 2013 found that two undocumented Virtual Private Notebooks (VPNs)…
UK: £500 fine for PCSO who accessed data
Ryan Jennings reports: A former Colchester PCSO has been fined for accessing the information of 148 people “out of personal curiosity” while working for Essex Police. Arrie Bygrave, 23, of Peppercorn Close, Colchester, admitted breaching the Data Protection Act by checking 1,684 records for his own purposes. Read more on Daily Gazette.