Jeff Goldman reports: The tax preparation solutions provider TaxAct recently began notifying an undisclosed number of customers that their personal information may have been inappropriately accessed. “We have concluded that an unauthorized third party accessed your TaxAct account between November 10 and December 4, 2015,” the company stated in a letter [PDF] sent on January 11, 2016 to those…
Category: Other
Europol confirms raid against DDoS extortion ring DD4BC, one arrest
Steve Ragan picked up on a press release from Europol. He reports: A press statement from Europol says that in December, law enforcement officials in Austria, Bosnia and Herzegovina, Germany, and the U.K. raided two people in an ongoing investigation against the extortion group DD4BC. DD4BC, or DDoS 4 Bitcoin, has generated a good deal…
26-year-old Turkish hacker sentenced to record 334 years in prison for ID theft, bank fraud
If you thought our federal prosecutors over-charge under the CFAA and/or seek unreasonable prison terms for hacking, read this story in the Daily Sabah: … Onur Kopçak was sentenced Sunday to 135 years in prison for stealing 11 people’s credit card information and selling it to other cyber criminals. With this new sentence approved by the…
MN: Court says cyberattacks struck judicial branch website Issues
AP reports that the Minnesota Judicial Branch website was unavailable to the public last month due to DDoS attacks. No data were breached. Read more on MPR.
Uber settles NYS probes, agrees to pay $20K fine, adopt data security provisions
I’m not seeing any press release from NYS Attorney General Schneiderman’s office yet, but Kenneth Lovett of the NY Daily News reports that Uber has settled two probes stemming from both its “God View” privacy breach scandal and delayed notification of a breach involving drivers’ information. In addition to paying the $20,000 fine to settle both probes,…
Henry Schein settles FTC charges it misled customers about encryption of patient data
It appears the FTC acted on a complaint I filed with them last year concerning Henry Schein Dental’s use of the word “encryption” in their marketing and their refusal to individually notify customers that the “encryption” provided by Dentrix G5 was not NIST-grade encryption that would give them Safe Harbor under HIPAA. Background on my concerns…