There’s an important update in the case that involved Court Ventures/U.S. Info/Experian, and Dun & Bradstreet, although the government doesn’t name the businesses in its press release. James Eng reports: A Vietnamese national was sentenced to 13 years in prison for hacking into U.S. businesses’ computers, stealing personally identifiably information (PII), and selling to other cybercriminals his fraudulently-obtained…
Category: Of Note
Blue Cross Blue Shield Association to offer all members nationwide free identity theft protection service
John George reports: Independence Blue Cross, the Philadelphia region’s largest health insurer, said Tuesday it will offer identity protection services — at no charge to eligible members and their dependents — starting Jan. 1, 2016. The action was part of the national Blue Cross Blue Shield Association’s announcement that Blue plans across the country will…
Hacked in the U.S.A.: China’s Not-So-Hidden Infiltration Op
Chris Strohm, Michael Riley, and Jordan Robertson report: The vast cyber-attack in Washington began with, of all things, travel reservations. More than two years ago, troves of personal data were stolen from U.S. travel companies. Hackers subsequently made off with health records at big insurance companies and infiltrated federal computers where they stole personnel records…
St. Elizabeth’s Medical Center agrees to settle potential violations of HIPAA; Settlement Highlights Importance of Safeguards When Using Internet Applications
HHS has announced a settlement with St. Elizabeth’s Medical Center (SEMC) that relates to two potential HIPAA violations – neither of which have been reported previously on this site or PHIprivacy.net and neither of which appear on HHS’s public breach tool: St. Elizabeth’s Medical Center has agreed to settle potential violations of the Health Insurance Portability…
What Happened At OPM?
Add Adam Shostack’s post to your must-read list. Here’s a snippet: The National Journal published A Timeline of Government Data Breaches: I asked after the root cause, and Rich Bejtlich responded “The root cause is a focus on locking doors and windows while intruders are still in the house” with a pointer to his “Continuous Diagnostic Monitoring Does…
Two US telecom companies to pay $3.5 million for data breach
Grant Gross reports: Two sister mobile and telecom service providers will pay a combined US$3.5 million after the U.S. Federal Communications Commission found that they were storing customers’ personal data on unprotected servers accessible over the Internet. TerraCom and YourTel America failed to adequately protect the personal information of more than 300,000 customers, the FCC…