In reading a lot of the coverage of Experian’s breach affecting those who applied for T-Mobile USA accounts, I noticed that some journalists and others seemed to interpret Experian’s statement as indicating that the data were hacked/accessed over a two-year period (from September 2013 to September 2015). As I noted to a commenter earlier today,…
Category: Of Note
Scottrade Breach Hits 4.6 Million Customers (Updated)
Brian Krebs reports: Welcome to Day 2 of Cybersecurity (Breach) Awareness Month! Today’s awareness lesson is brought to you by retail brokerage firm Scottrade Inc., which just disclosed a breach involving contact information and possibly Social Security numbers on 4.6 million customers. In an email sent today to customers, St. Louis-based Scottrade said it recently heard…
The complaint to FTC about Experian that accomplished… what?
Today, Experian disclosed another data breach. This one affected 15 million customers of T-Mobile USA, for whom Experian hosts consumer data used for credit checks for new accounts. In tweeting my frustration about this latest incident, @emptywheel suggested I post the complaint I filed with the FTC about Experian in 2012. After some thought, I’ve decided…
Experian’s servers hacked; 15 million T-Mobile USA customers affected (UPDATED)
There’s been another data breach involving Experian, it seems, although this one didn’t involve their credit reporting database. Instead, it involved data Experian houses for T-Mobile USA. In a letter to affected T-Mobile USA customers, Experian CEO Craig Boundy writes: I am writing to let you know of an incident that occurred involving T‐Mobile USA data housed…
Reports slam OCR’s poor oversight of HIPAA covered entities, breach followup efforts
If you follow HHS’s public breach tool and investigations closely, two reports from the Office of the Inspector General (OIG) finding lax oversight and insufficient follow-up will come as no surprise. Susan Hall of FierceHealthIT has a good recap: The former report was based on reviews of a statistical sample of privacy cases investigated by OCR between September…
Russian Developer of the Notorious Citadel Malware Sentenced to Prison
Dimitry Belorossov, a/k/a Rainerfox, has been sentenced to four years, six months in prison following his guilty plea for conspiring to commit computer fraud. Belorossov distributed and installed Citadel, a sophisticated malware that infected over 11 million computers worldwide, onto victim computers using a variety of infection methods. According to U.S. Attorney Horn, the…