There’s a follow-up to a breach that I had described as one of the worst insider breaches at its time – because it put lives at serious risk and some victims were firebombed or shot at. Mi-Jung Lee and Kendra Mangione recently interviewed one of the victims, who continues to have concerns about the handling…
Category: Of Note
Victims of W-2 phishing scams (2017 list)
— The list of entities reporting that employee W-2 data was acquired by phishing.– Last year, this site compiled 145 W-2 phishing incidents before I somewhat waved a white flag in terms of trying to keep up, but as I started working on this year’s list, I found even more cases from 2016, bringing the 2016…
I3 Brands sues Rackspace following security breaches, crashes
Patrick Danner reports: Rackspace Hosting Inc. touts its “fanatical” client support, but a California e-commerce firm has charged in a new lawsuit that it lost numerous customers after the San Antonio company failed to provide web-hosting services and security as promised. Del Mar, California-based i3 Brands Inc. on Tuesday filed the suit in Bexar County District Court,…
Niche dark web marketplaces for buying confidential insider information
You’ve probably heard of Alpha Bay and some other dark web marketplaces. But have you ever heard about Kick Ass Marketplace or The Stock Insiders? Mohit Kumar reports that there are dark web marketplaces where one can buy and sell stolen insider data. According to a new report from the US-based risk security firm RedOwl…
Target data breach settlement remanded by appeals court after two consumers raise concerns
It ain’t over until…. well, no body-shaming here, but Target is not out of the woods on litigation from their massive 2013 breach. Law360 is reporting: The Eighth Circuit decided Wednesday to send back to lower court the $10 million deal that let Target Corp. out of multidistrict litigation over its notorious 2013 data breach,…
Children’s Medical Center of Dallas pays $3.2m penalty for multiple violations of Security Rule
Children’s Medical Center of Dallas, part of Children’s Health nationwide network, has paid HHS $3.2 million to settle charges stemming from multiple breaches involving ePHI and failure to comply with the Security Rule, despite notice of their shortcomings. Here’s HHS’s press release with a link to their determination: The U.S. Department of Health and Human Services, Office for…