The breach involving ALDI grocery stores is apparently larger than earlier reports suggested as reports trickle in from Pittsburgh and other areas. The chain has updated its statement on its website today: October 1, 2010 ALDI Inc. recently learned that, from approximately June 1, 2010 to August 31, 2010, tampered payment card terminals were illegally…
Category: Of Note
37 Charged in Global Bank Fraud Schemes that Used “Zeus Trojan” and Other Malware to Steal Millions of Dollars from U.S. Bank Accounts
Charges have been filed in New York against 37 defendants, in 21 separate cases, for their roles in global bank fraud schemes that allegedly used hundreds of false-name bank accounts to steal over $3 million from dozens of U.S. accounts that were compromised by malware attacks. According to Complaints unsealed today in Manhattan federal court,…
States unable to protect citizens’ personal, health data from cyberthieves
Byron Acohido writes: This should come as no surprise. State government agencies aren’t devoting nearly enough resources to protect citizens’ sensitive data from hackers and data thieves. Some 49 out of 50 states report that a lack of budget is crippling efforts to manage cybersecurity effectively. One state chose not to participate. That’s the upshot…
When is three years of free credit monitoring still not enough?
How quickly times change. It seems like only a few years ago that we thought it newsworthy that a breached entity would offer a year of free credit monitoring. Then it became newsworthy when they offered two years. Then it became newsworthy when they didn’t offer any free services. Now some retirees in Delaware are…
Maine: Student SSN Collection for Tracking On Hold After Data Breach
I’ve previously covered the new law in Maine that asks parents to provide their children’s Social Security Numbers so that the state can track the students. A number of school boards had the wisdom to write to the parents and basically say, “Look, we have to ask you for it, but we encourage you to…
Maryland Court: Employees Who Steal Data from the Company Computer Do Not Violate the Computer Fraud and Abuse Act
Nick Ackerman of Dorsey & Whitney LLP has a nice write-up on a Maryland court decision that although it doesn’t deal with PII, does deal with whether an employee can be found guilty of “unauthorized access:” A federal district court in Maryland held that an employee who stole proprietary data from his prior employer did not…