Fashion to Figure (B. Lane, Inc.) is notifying customers of a breach involving malware inserted on their web host’s server. The malware was reportedly inserted on the unnamed host’s server on May 19, but Fashion to Figure did not realize it until October 16, when they started investigating why a web page was loading slowly. Potentially compromised…
Category: Subcontractor
Experian Posts $20M Charge Related to T-Mobile Data Breach
Diana Goovaerts reports: In its earnings report for the six months ended September 30, 2015, Experian posted a charge of $20 million stemming from its response to an October security breach that exposed the data of millions of T-Mobile customers. According to the report, the “one-off costs” came from Experian’s response to the hack, which included notifying impacted individuals,…
Ca: WorkSafeNB apologizes to 3,022 injured workers for privacy breach
CBC reports that too much information sharing went on when WorkSafeNB provided data to to Corporate Research Associates. The breach was not the polling firm’s fault, but WorkSafeNB’s, for providing details the contractor did not need and should not have been sent. WorkSafeNB has sent out more than three thousand letters of apology over a serious…
CT AG Jepsen, Hartford Hospital, Contractor Reach Agreement Resolving Investigation into Breach of Unencrypted Patient Information
There’s an update to a breach that I previously noted in 2012, and it reinforces the importance of your business associate contracts and the importance of monitoring them if you’re a HIPAA-covered entity: Hartford Hospital and the EMC Corporation will pay $90,000 and have agreed to institute additional training and control measures to resolve an…
Interstitial Cystitis Network notifies customers of payment card breach
The California-based Interstitial Cystitis Network is notifying customers of a breach after customers first alerted them that payment cards used on their site had been compromised. In a letter dated October 26, ICN writes that the ICN Mail Order Center (www.icnsales.com) was compromised during the period of April 6, 2015 and October 1, 2015; customers placing orders during…
Indian Trade Groups Probe GIA Data Breach Linked to Contractor’s Employee
Rapaport News reports: India’s Gems and Jewellery Export Promotion Council (GJEPC) and the Bharat Diamond Bourse (BDB) have formed a joint committee to investigate the alteration of Gemological Institute of America (GIA) diamond grading reports, according to The Times of India (TOI). The GIA last week published the names and suspended the accounts of 19 firms implicated in the…