Sarah Schmidt reports: Companies can decide whether to tell their customers when they lose their personal information or hackers steal it, according to legislation tabled Tuesday by the Conservative government. The proposed amendments to Canada’s private sector privacy law will require banks, retailers and other companies to inform Canada’s privacy watchdog if they’ve experienced a…
Category: Of Note
FAQ on Alberta’s New Breach Notice Law
David Navetta writes: Earlier this month (May 1, 2010), Alberta became the first Canadian province to pass a broad breach notice law (“Bill 54”) as part of their comprehensive data privacy statute, the Personal Information Protection Act (“the Act”; technically, Alberta is the second province to pass a breach notice law in Canada, Ontario previously…
Study: ITRC Encouraged by 2009 Victim Aftermath Study
The Identity Theft Resource Center has released its annual Aftermath study. From their press release: For the first time in 7 years, The Identity Theft Resource Center (ITRC)® can state that it is encouraged by the findings of the Identity Theft: The Aftermath 2009™. It is becoming clear that some areas of great distress in…
MasterCard Reaches Settlement With Heartland Payment Systems To Provide Issuers Worldwide Up To $41.4 Million For Data Breach Claims
MasterCard Worldwide today announced it has reached a settlement with Heartland Payment Systems (Heartland) to resolve claims by MasterCard and its issuers in connection with Heartland’s previously announced data security breach. The settlement agreement calls for Heartland to fund up to $41.4 million of “alternative recovery offers” to be made to eligible MasterCard card issuers…
Fraud Bazaar Carders.cc Hacked
Brian Krebs reports: Carders.cc, a German online forum dedicated to helping criminals trade and sell financial data stolen through hacking, has itself been hacked. The once-guarded contents of its servers are now being traded on public file-sharing networks, leading to the exposure of potentially identifying information on the forum’s users as well as countless passwords…
Stolen server contains medical info on 40,000 eye patients
OCR added a few more breaches to its list. Two were covered earlier today on PHIprivacy.net, but the third one, added later in the day, affected 40,000 people: Silicon Valley Eyecare Optometry and Contact Lenses State: California Approx. # of Individuals Affected: 40,000 Date of Breach: 4/02/10 Type of Breach: Theft Location of Breached Information:…