Remember how Heartland Payment Systems took a lot of heat for announcing their breach at a time that coincided with President Obama’s inauguration? Since then, a lot of entities have been bashed a bit over the timing of their breach disclosures. As someone who tracks breaches, it became almost a given that I would find…
Category: Of Note
UK: Employees who stole T-Mobile customer data made to pay £73,700 for violating Data Protection Act
Two former employees of UK mobile operator T-Mobile who illegally stole and sold select customer data from the company in 2008 have today been ordered to pay a total of £73,700 in fines and confiscation costs as part of a hearing at Chester Crown Court. David Turley and Darren Hames pleaded guilty to offences under…
Citibank confirms hacking attack
Hackers have stolen data from thousands of Citibank customers in the US, the bank has confirmed. The breach exposed the names of customers, account numbers and contact information. But other key data, such as date of birth and card security codes were not compromised, the bank said in a statement. Citigroup is the latest in…
(follow-up) ACH Legal Ruling Favors Bank
A decision in the PATCO case mentioned previously here. Tracy Kitten writes: A magistrate has recommended that a U.S. District Court in Maine deny a motion for a jury trial in an ACH fraud case filed by a commercial customer against its former bank. According to the order, which must still be reviewed by the presiding judge,…
Financial data stealing Malware now on Amazon Web Services Cloud
Dmitry Bestuzhev of Kaspersky writes: There were some recent comments about Amazon Cloud as a platform for successful attacks on Sony… Well, today I found that Amazon Web services (Cloud) now is being used to spread financial data stealers. The evidence indicates that the criminals behind the attack are from Brazil and they used several…
Editorial: Let me make my own decisions, thankyouverymuch
The recent spate of hacks against Sony networks as well as a Congressional hearing where representatives of Sony and Epsilon testified about their recent breaches have stimulated another round of discussions about whether we need a federal breach disclosure law that preempts state laws, and if so, what the threshold or trigger should be for…