Kevin Poulsen provides newly released details on the 7-Eleven hack included in Albert Gonzalez’s plea agreement: ….In his most recent plea agreement, filed in court on Monday, confessed hacker Albert Gonzalez admitted conspiring in the 7-Eleven breach, and fingered two Russian associates as the direct culprits. The Russians are identified as “Hacker 1″ and “Hacker…
Category: Of Note
Albert Gonzalez Enters Plea Agreement in Heartland, Hannaford Cases
Kim Zetter reports: Albert Gonzalez, who has admitted hacking into TJX and other companies, has filed a plea agreement in charges that he breached Heartland Payment Systems, Hannaford, 7-Eleven and two other companies. Under the terms of the agreement, Gonzalez, a former Secret Service informant, will plead guilty to two counts of conspiracy to gain…
Heartland to pay up to $2.4 million to settle cardholder class action suit
Under the terms of the settlement, Heartland says it will pay a minimum of $1 million and up to a maximum of $2.4 million to class members who submit valid claims for losses as a result of the intrusion. The payment processor says it will also shell out $1.5 million for the cost of notice…
UPDATE: France agrees to hand back ‘stolen’ Swiss bank data
From the Agence France-Presse: France said Monday it would agree to a Swiss request to hand back data taken from a HSBC bank branch in Geneva that is at the centre of a row between the two countries. France said Monday it would agree to a Swiss request to hand back data taken from a…
Gonzalez sentencing memo reveals some numbers on breaches
Apart from the fact that I don’t think we should be getting our news about breaches from court filings years after a breach occurs, it is still somewhat interesting when we finally get some numbers — even if they are are estimates or arguable. In a court filing by Albert Gonzalez’s attorney yesterday, there are…
So where are the breach reports on HHS?
The following is cross-posted from PHIprivacy.net: Under the provisions of the HITECH Act that went into effect several months ago, covered entities are required to report breaches involving the unsecured protected health information of 500 or more individuals to the Secretary of the U.S. Department of Health & Human Services. Unfortunately, HHS watered down the…