Some breaches are potentially much more harmful than others. A March 2012 hack involving the British Pregnancy Advice Service (BPAS) fell into that group, and I was so concerned about the breach and the threatened data dump that on Twitter, I publicly called out members of Anonymous for sitting back and not speaking up to try to dissuade…
Category: Of Note
KR: Personal data of 12 million KT customers stolen: police
Yonhap News Agency reports a hack affecting almost three-fourths of KT Corporation (formerly known as Korea Telecom)’s customers: Three people, including a telemarketer, were arrested in connection with the case, the Incheon Metropolitan Police Agency said. The leaked information included victims’ names, resident registration numbers, places of employment and bank account details. Police believe the…
AvMed Data Breach Class Action Settlement Gets Final Approval – Payment To Be Made To Class Members Who Did Not Experience ID Theft
Mark S. Melodia, Steven Boranian, Frederick Lah and Melissa A. Geist comment on the AvMed breach lawsuit settlement. The AvMed breach involving a stolen laptop with unencrypted information on 1.2 million people and lawsuit have been mentioned numerous times on the companion PHIprivacy.net blog (coverage linked from here). Last week, a judge for the Southern District…
Weds: House Financial Services subcommittee to hold hearing on data breaches
Julian Hattem reports: Data security will be back in the spotlight on Wednesday, when a House Financial Services subcommittee hears from top law enforcement, consumer advocacy and industry experts. The hearing will be the fifth Congress has held since Target revealed late last year that a hacker had stolen millions of users’ information during the…
Thieves Jam Up Smucker’s, Card Processor (update 1)
Brian Krebs reports: Jam and jelly maker Smucker’s last week shuttered its online store, notifying visitors that the site was being retooled because of a security breach that jeopardized customers’ credit card data. Closer examination of the attack suggests that the company was but one of several dozen firms — including at least one credit card processor — hacked…
Commentary: Repeated insider breaches at TD Bank should trigger federal regulator investigation (update 1)
Update 1: March 9, 2014: Added some other incidents that were reported to NYS in 2012 and early 2013. These additions are underlined for your convenience. In the process of reviewing other materials, I have also identified two other banks that have recurring reports of insider wrongdoing. Eventually, I will write up my findings on…