A few months ago, I noted a lawsuit by a former Winn-Dixie employee against Purchasing Power. The complaint in Burrows v. Purchasing Power alleged that Winn-Dixie shared employee data with Purchasing Power to administer its employee benefits program, but also sent them data on employees not enrolled in the program. The complaint also alleged that although…
Category: Insider
Follow-up: Victim of Port Mann security breach speaks out
More on the Port Mann Bridge breach noted previously on this blog where someone with a criminal record managed to get a job by false pretenses that enabled him to acquire customers’ personal information, including credit card numbers: One of the Port Mann Bridge users whose tolling accounts were allegedly handled by a convicted fraud…
Former UJA Federation employee sentenced for role in massive fraud ring
Following up on one of 55 individuals involved a insider fraud ring, one of those involved – an employee at UJA Federation who was charged in December 2011- has been sentenced to at least six years in prison for her role in the scheme. You can read more on The New York Post. At the…
AMC Personal Employees’ Information Mishandled, AMC reports breach
Even when there’s no malicious intent, employees removing documents from secure areas can result in a reportable breach and costs, as Fox54 reports: An investigation is underway into a breach of personally identifiable information of more than 400 Army Materiel Command employees. According to a news release from AMC, an AMC employee took official hard…
UK: Essex County Council ‘sensitive’ data found in building
BBC reports: An investigation is under way into how “sensitive” information belonging to Essex County Council ended up in a disused building. The security breach was one of three “recent” episodes at the Conservative-run council. The Information Commissioner’s Office has confirmed it is investigating the breaches. According to BBC, two of the breaches were “committed…
Anatomy Of A Brokerage IT Meltdown
Regulators last year issued the SEC’s first-ever privacy fine against broker-dealer GunnAllen for failing to protect customer data. But former IT staffers say regulators didn’t seem to know half of this cautionary tale of outsourcing and oversight gone wrong. Mathew J. Schwartz adds some mind-boggling details to the case: Dan Saccavino, a former Revere Group…