Attorney General Eric T. Schneiderman today announced a multi-state settlement with TD Bank, N.A. that resolves an inquiry into a 2012 data breach in which 1.4 million files were compromised. The $850,000 settlement requires the bank to reform its practices to help ensure that future incidents do not occur. New York State will receive $114,106.11…
Category: Of Note
Korea suffers over 106 million privacy breaches in 4 years
Cho Mu-hyun reports: The shocking figure of over 106 million privacy breaches was unveiled by a report of data leaks between 2010 to 2014 filed by the Korea Communication Commission (KCC) to the National Assembly during the yearly government audit of ministries. The figure means that each person has, on average, had his or her…
Did MCCCD leadership shut their eyes to a database security assessment for plausible deniability in litigation?
A former Maricopa County Community College District employee alleges executive leadership closed their eyes to a report on their database security conducted after their massive data breach in 2013 so they would have plausible deniability in any litigation. As a result, the employee alleges, the findings were never shared with those tasked with securing MCCCD’s data assets. In November…
Dropbox passwords leak: Hundreds of accounts hacked after third-party security breach (update – not Dropbox accounts)
Update: leaked login credentials claimed to be associated with Dropbox accounts are not Dropbox accounts, according to Dropbox. Rose Troup Buchanan reports: Hundreds of passwords to Dropbox accounts have been leaked in the latest security breach, with hackers threatening to release millions more account details in exchange for Bitcoin. Hackers, who were apparently able to access logins and…
Businesses should not need to publicize personal data breaches if data is encrypted, say EU ministers
Out-Law.com reports: Businesses should not need to notify consumers that their personal data has been lost or stolen if the data has been encrypted, EU ministers have said. Ministers in the Justice and Home Affairs Committee of the EU’s Council of Ministers backed the plans as part of a wider partial agreement reached last week on…
Kmart discovers it was breached in September; discloses breach in SEC filing (UPDATED)
Danny Yadron of the Wall Street Journal just tweeted that Kmart has disclosed a data breach in its SEC filing. Indeed, they have: On October 9, Kmart’s Information Technology team detected Kmart’s payment data systems had been breached and immediately launched a full investigation working with a leading IT security firm. The investigation to date indicates…