The Information Commissioner’s Office issued a press release and summary analysis of breaches: With the number of breaches involving people’s personal information reported to the Information Commissioner’s Office (ICO) reaching 1000, the privacy watchdog is urging organisations to minimise the risk of mistakes. Staff need simple procedures on how to handle personal information with appropriate…
Category: Of Note
WARNING: American Express fails miserably at basic security (with update)
When Joe Damato looked under the hood of American Express Network’s Daily Wish sign-up form, he wasn’t happy: The Daily Wish sign up form from the American Express Network is sending credit card numbers, expiration dates, and all the other personal information on the sign up form in the clear back to their server. Holy….
Restauranteurs threaten to sue POSitouch and NJ reseller
Yesterday’s press releases brought news of another potential lawsuit involving the restaurant industry and a POS vendor and reseller. I recognize the attorneys’ names as the same attorneys who filed suit on behalf of some Louisiana restauranteurs against another POS vendor, Radiant Systems, and their reseller, Computer World, last year. According to the press release,…
HMRC mails wrong private info to 50,000 19,000 taxpayers
John Oates reports on another black eye for HMRC: Her Majesty’s Revenue and Customs apologised today for sending out private information to 50,000 tax credit recipients. One taxpayer who contacted The Register said: “We received our tax credit notice with our National Insurance details but on the back were two strangers’ work, childcare and pay…
44 million stolen gaming credentials found in online warehouse
Ellen Messmer reports: Symantec says it has unearthed a server hosting the credentials of 44 million stolen gaming accounts — and one of the most surprising aspects of it is that the accounts were being validated by a Trojan distributed to compromised computers. The purpose of this Trojan-based validation is apparently to figure which credentials…
City of Charlotte joins list of Towers Watson data loss victims
The City of Charlotte becomes the third entity to reveal that their data were on two DVDs lost by Towers Watson. In April, DataBreaches.net reported that Lorillard Tobacco was notifying employees that their names, addresses, dates of birth, and Social Security numbers were on two missing DVDs. General Agencies Welfare Benefits Program also reported that…