Cross-posted from phiprivacy.net: At least some members of Congress are not happy with the response to a letter they sent TRICARE following the theft of backup tapes from the unattended vehicle of an employee of their contractor, SAIC. The tapes contained information on approximately 5 million military beneficiaries and their dependents. Although TRICARE’s response was not disclosed publicly, Rep. Ed…
Category: Of Note
NHS Trust fined £325,000 following data breach; Trust “frankly surprised” at fine and intends to appeal
Back in January, I noted that the ICO was preparing to levy a huge fine on Brighton and Sussex University Hospitals NHS Trust after hard drives with patient data were stolen and put up for sale on eBay. We later learned that the thief was an employee of a contractor. The possibility of the fine was revealed by the…
New Math, data breaches version
As a survivor of New Math, it’s somewhat amazing that I’m willing to deal with numbers or math at all. Yet, here I am, with a simple equation as today’s New Math: UNCC + UN = time for regulation Simple, elegant, and somewhat nonsensical as a math equation, but two recent education sector breaches do…
University of Nebraska breach needs to reverberate in Washington, D.C.
The University of Nebraska disclosed a breach last week, which I dutifully entered on DataLossDB. The breach sounded like it could be huge, despite the university’s statement that it had no evidence (at that time) that any data had been downloaded: The NeSIS database includes Social Security numbers, addresses, grades, transcripts, housing and financial aid…
Computer security breach at Serco affects 123,000 Thrift Savings Plan participants
Hazel Bradford reports: A cyber attack on a computer of a contractor for the $313 billion Thrift Savings Plan, Washington, could have compromised account information for about 123,000 plan participants, the Federal Retirement Thrift Investment Board, which oversees the plan, announced Friday. […] The attack was made on a computer at Serco Inc., a contractor…
WHMCS victim of social engineering; over 500,000 client records stolen, deleted from server, and dumped publicly
Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…