Joseph Lazzarotti of Jackson Lewis writes: On August 18, 2010, the Connecticut Insurance Commissioner issued Bulletin IC-25 which mandates that entities within its jurisdiction notify the Department of Insurance of any “information security incident.” This post provides a brief summary of this new requirement. […] What is an “information security incident”? Under this Bulletin, an information security…
Category: Of Note
Researcher Creates Clearinghouse Of 14 Million Hacked Passwords
Andy Greenberg reports: Canadian researcher Ron Bowes has created a sort of Wall of Sheep for the entire Internet. By simply collecting all the publicly-spilled repositories of users’ passwords from recent hacking incidents, he’s created a clearinghouse for stolen passwords on his Web site–14,488,929 distinct passwords to be exact, collected from 32,943,045 users. Bowes didn’t…
NYC D.A. announces 147-count indictment in case involving 800 stolen credit reports
Manhattan District Attorney Cyrus R. Vance, Jr. announced the indictment of Iguosade Osahon, 28, for stealing more than $500,000 by exploiting stolen identity information over a three-year period. Osahon stole the names, dates of birth, and Social Security numbers of more than 750 individuals to obtain at least 800 credit reports, which in turn he…
UPDATE: Idaho Power says Mercer breach affected over 375,000
The Mercer Health & Benefits breach involving a backup tape lost in transit after being shipped by FedEx is one of those multi-client breaches that comes out in dribs and drabs. But if Mercer hoped to keep the total number affected under wraps, one of their clients may have spilled their beans. On August 12,…
UK insurer hit with biggest ever data loss fine
John Oates reports: Zurich Insurance must pay an enormous £2.3m fine for losing thousands of British people’s personal data. The fine was imposed not by the Information Commissioner’s Office but by the Financial Services Authority. Zurich Insurance lost 46,000 customer records including some bank details when a tape back-up went missing between two sites in…
Judge approves Countrywide Financial ID theft settlement
A federal judge on Monday granted final approval to a settlement between Countrywide Financial Corp. and millions of customers left at high risk for identity theft because of a security breach. The breach and terms of the settlement have been previously covered on this site and in PogoWasRight.org’s archives, but the Associated Press story provides…