On March 20, 2015, attorneys for the Central Dauphin School District in Pennsylvania notified the Maryland Attorney General’s Office of a breach involving visitors’ drivers license images. The district has a security system that involves scanning visitors’ drivers licenses when they enter the administration building. The laptop that stored those images, which was provided by…
Category: Subcontractor
FL: Bright House Cable work orders found trashed
Erik Sandoval reports that WKMG received a viewer tip about Bright House Cable customer information found behind Jaguar, Inc. Jaguar is a contractor for Bright House Cable in Altamonte Springs. The work orders exposed the names, addresses and other personal information of dozens of customers. Bright House provided a statement to WKMG: “Bright House…
Technical College of the Lowcountry notifies students whose SSN were exposed online by third party
On April 27, the Technical College of the Lowcountry in Beaufort, South Carolina, disclosed a breach involving high school students who had enrolled in a program they offered. Here is their first statement: On Thursday, April 23, 2015, the Technical College of the Lowcountry was notified of a possible data security incident involving the online publication…
Compass Group USA notifies consumers of NEXTEP-related payment card breach
As noted previously on this site, Point-Of-Sale (POS) vendor NEXTEP confirmed that they were investigating a potential breach after being notified by law enforcement that some of its customer locations had been compromised in a potentially wide-ranging credit card breach. Brian Krebs broke the story, here. Today, Compass Group USA submitted a copy of an April 16th notification…
And then there were four five (Ascension Health entities breached)
Now that I know what I’m looking for, I’m finding more evidence of targeted email attacks affecting members of Ascension Health. For previous reports on this incident, read here and here. On March 16, Sacred Heart Health System in Florida posted this notice on their site about a breach they reported to HHS as affecting…
VA report for March, 2015
From their statistics: Intrusion Attempts (Blocked): 358,163,688 Malware (Blocked/Contained): 1,190,896,611 Suspicious/Malicious Emails (Blocked): 81,343,076 Outgoing Unencrypted Emails: 1,136 Associated Privacy/Security Events 18,589 Total Emails Blocked Lost and Stolen Device Incidents: 50 Lost PIV Cards: 154 Mishandled Incidents: 105 Mis-mailed Incidents: 165 Paper Mis-mailings, 7 Pharmacy-item Mis-mailings out of 7,465,613 Total Mailings In terms of specific incidents reported, a cooler containing lab specimens…