Law360 reports that Travelers Casualty and Surety Co. has settled its lawsuit against Ignition Studio Inc. The suit had alleged that Ignition Studio had not adequately secured Alpine Bank’s web site, resulting in a hack in 2012. Yesterday, both parties stipulated to the “dismissal of this action in its entirety with prejudice, each party to bear its…
Category: Subcontractor
Biggby Coffee warns of data security breach impacting customers and job applicants
Lindsay VanHulle reports: Biggby Coffee today said it was the target of a security breach that potentially exposed customers’ names, addresses, phone numbers, email addresses and employment histories. The East Lansing coffee chain did not say how many customers were affected. But Biggby said their data might have been compromised when they registered a frequent…
NJ: Weak password blamed in Swedesboro school hack
Carly Q. Romalino reports: A weak network password allowed hackers to infiltrate a Gloucester County school district’s network last week, holding its files hostage for more than $125,000, according to Educational Information and Resource Center experts. A ransomware attack on Swedesboro-Woolwich Elementary School District’s network last week interrupted state-mandated testing and locked down network files…
Let’s send an unencrypted thumb drive via mail. What can possibly go wrong, right?
No, Human Resource Advantage. You do not get to put an unencrypted thumb drive with employee records in the regular mail to TrustHCS and then claim you take the security of personal information in your control “very seriously.” From your own investigation, that drive contained names, Social Security numbers, dates of birth, bank account information, postal…
Nite Ize notifies consumers after hack at services provider
I really don’t understand why businesses that have had customer data hacked at their hosting provider do not name the host or third party. Why shield them from bad publicity when their security failure led to the business taking a reputation hit? Here’s another example, this one from Nite Ize, who was notified of a breach…
MD: IT specialist who hacked state databases sentenced
There’s a follow-up to a breach previously noted on PHIprivacy.net. AP reports: A Frederick man has been sentenced to six months in federal prison for stealing personal information of more than 11,000 intellectually and developmentally disabled people. Alexander Afonso, an information technology specialist, pleaded guilty to using another employee’s computer credentials to obtain the victims’ Social Security numbers and medical…