In its 2013 Data Breach Investigations Report, Verizon said that it had analysed more than 47,000 reported security incidents last year and found 621 “confirmed data disclosures” where at least 44 million records had been “compromised”. More than half of the 621 data disclosures involved hacking, it said. “52% of breaches affecting all organisations involved…
Category: Of Note
Two Romanian Nationals Sentenced to Prison for Scheme to Steal Payment Card Data
An update on a breach previously noted on this blog: Adrian-Tiberiu Oprea, 29, of Constanta, Romania, and Iulian Dolan, 28, of Craiova, Romania, were sentenced today to serve 15 years and seven years in prison, respectively, for participating in an international, multimillion-dollar scheme to remotely hack into and steal payment card data from hundreds of…
Fifth Circuit Court of Appeals reverses dismissal of negligence claims against Heartland Payment Systems
It seems it isn’t all over for a lawsuit by nine financial institutions against Heartland Payment Systems following a mammoth breach disclosed in January 2009. The Fifth Circuit Court of Appeals reversed the district court’s dismissal of negligence claims and remanded. Here’s part of the opinion, issued yesterday: Turning to the case sub judice, we hold the…
Attorney General Jepsen Reaches Settlement with Citibank on Online Credit Card System Security
Back in June 2011, I noted a breach involving Citibank (previous coverage here and here). There’s now a follow-up to that breach: Citibank N.A. will pay $55,000 to the state of Connecticut and will obtain a third-party data security audit of its online credit card account system under a settlement filed in court today, Attorney…
Advocate Medical Group notifying 4 million patients after burglars snatch unencrypted computers
Advocate Medical Group and its parent, Advent Healthcare, may have just bought themselves a heap of problems. Storing more than 20 year-old personally identifiable data including Social Security numbers on unencrypted computers with less than strong physical security doesn’t bode well for any investigation by HHS or Illinois’s Attorney General. (corrected name on medical group)
Liberty Mutual Insurance tells Schnuck Markets its insurance policy doesn’t cover data breach lawsuits and costs
If their insurer gets their way, the beleaguered Schnuck Markets will find itself without help from its insurance carrier in paying litigation costs and other data breach-related costs. Liberty Mutual Insurance Company has informed Schnuck Markets that it is not responsible to cover costs of the eight lawsuits that were filed in the wake of…