Dylan Tweney reports: An Amazon.com security flaw allows some customers to log in with variations of their actual password that are close to, but not exactly, their real password. The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive. For…
Category: Other
Was a package of W-2’s shipped by Ceridian via FedEx tampered with? Ember Corp. prudently decides not to take chances.
Boston-based Ember Corporation is notifying 50 current and former employees of a possible breach after a package shipped by its payroll provider, Ceridian, via FedEx appeared to have been tampered with during shipment. In a notification to the New Hampshire Attorney General’s Office, Ember’s counsel indicated that the package arrived on January 10 but two…
(Ohio follow-up) Two sentenced in Franklin County Municipal Court ID Theft Case
Kathy Lyn Gray reports: Two Columbus residents will spend two and half years in federal prison for taking information from the Franklin County Municipal Court website and stealing people’s identities. Judge Gregory L. Frost sentenced Katura Mozelle, 23, today in U.S. District Court in Columbus on charges of bank fraud, conspiracy to commit bank fraud…
Running an ID theft ring from inside prison adds 14 years to sentence
A man who lead an identity-theft ring that ran up a quarter-million dollars worth of charges from inside a federal prison – and who continued the criminal activity even after pleading guilty to the charges – as sentenced to more than 14 years in prison, Steven M. Dettelbach, United States Attorney for the Northern District…
UK: First monetary penalties served for serious data protection breaches
The Information Commissioner today served two organizations with the first monetary penalties for what he characterized as serious breaches of the Data Protection Act. The first penalty, of £100,000, was issued to Hertfordshire County Council for two serious incidents where council employees faxed highly sensitive personal information to the wrong recipients. The first case, involving…
Update: ALDI breach potentially affects 8,000 in Maryland alone
Although ALDI has repeatedly said that the tampering of pin pads affected only a “limited number of stores” in their 1000+store chain, the number of customers affected continues to grow as new reports emerge. In a report to the Maryland Attorney General’s Office dated October 1, Terry E. Pfortmiller, ALDI Vice-President of Finance and Administration,…