Lindsay VanHulle reports: Biggby Coffee today said it was the target of a security breach that potentially exposed customers’ names, addresses, phone numbers, email addresses and employment histories. The East Lansing coffee chain did not say how many customers were affected. But Biggby said their data might have been compromised when they registered a frequent…
Category: Subcontractor
NJ: Weak password blamed in Swedesboro school hack
Carly Q. Romalino reports: A weak network password allowed hackers to infiltrate a Gloucester County school district’s network last week, holding its files hostage for more than $125,000, according to Educational Information and Resource Center experts. A ransomware attack on Swedesboro-Woolwich Elementary School District’s network last week interrupted state-mandated testing and locked down network files…
Let’s send an unencrypted thumb drive via mail. What can possibly go wrong, right?
No, Human Resource Advantage. You do not get to put an unencrypted thumb drive with employee records in the regular mail to TrustHCS and then claim you take the security of personal information in your control “very seriously.” From your own investigation, that drive contained names, Social Security numbers, dates of birth, bank account information, postal…
Nite Ize notifies consumers after hack at services provider
I really don’t understand why businesses that have had customer data hacked at their hosting provider do not name the host or third party. Why shield them from bad publicity when their security failure led to the business taking a reputation hit? Here’s another example, this one from Nite Ize, who was notified of a breach…
MD: IT specialist who hacked state databases sentenced
There’s a follow-up to a breach previously noted on PHIprivacy.net. AP reports: A Frederick man has been sentenced to six months in federal prison for stealing personal information of more than 11,000 intellectually and developmentally disabled people. Alexander Afonso, an information technology specialist, pleaded guilty to using another employee’s computer credentials to obtain the victims’ Social Security numbers and medical…
UK: Urgent investigation into breach of benefit claimants’ data
Tom Potter reports a breach involving Colchester Borough Council: An urgent probe has been launched into how the personal details of benefit claimants were disclosed to some Colchester householders. The borough council is investigating the breach of personal data during the delivery of housing benefit notification letters to residents last week. […] The council said…