It was last year at about this time that we first got wind of an incident involving food services wholesaler Jetro/Restaurant Depot. Malware inserted in their card payment system had exfiltrated mag stripe data (names, card numbers, card expiration dates, and cvv codes) to a server in Russia between late September 2011 and early November…
Category: Of Note
Update and commentary on SCDOR breach: Where would they be without media coverage?
I’ve been pretty critical of the South Carolina Department of Revenue breach and the state’s incident response. Some will think my criticism is well-deserved, while others may feel I’ve been too harsh. But it is now six weeks since we first learned of the breach and here is what hasn’t happened so far: Notification letters…
Yes, sometimes it’s as bad as we fear
In the process of researching something else, I stumbled across an audit of a NYS agency with the grim title, “Mobile Devices with Sensitive Information are not Secure.” By the time I got done reading and browsing other audits, I totally forgot what I was looking for in the first place, but here’s what I…
Secret Service under investigation over loss of sensitive files on Metro
Jana Winter of Fox News reports that the Secret Service – the agency that is often involved in investigations of data breaches – had its own breach back in 2008 that is now (finally?) under investigation: The Secret Service is the target of an investigation into an “immense breach” involving the loss of two backup computer…
Advanced Data Processing employee accessed and disclosed ambulance patients’ info to others for tax refund fraud scheme
Advanced Data Processing, a subsidiary of Intermedix Corp. that does business as ADPI, handles billing for a number of ambulance services throughout the U.S. The Florida-headquartered firm notified the California Attorney General’s Office this week that on October 1, they discovered a rogue employee had been accessing and disclosing patient information to others who used the information to file fraudulent…
UK: 100,000 members of Civil Service Sports Club are first being told their details were stolen by fraudsters in 2010
Hannah Furness reports: More than 100,000 civil servants and public sector workers have been warned their personal details may have been stolen in a bid to defraud the Government. Members of the Civil Service Sports Club, which has 130,000 members nationwide, have been told their names, addresses, dates of birth and National Insurance numbers have…