A post describing a massive data leak/exposure incorrectly identified CSAC as one of the entities whose data were exposed. CSAC informs this site that it was CSAC-EIA, a separate organization. DataBreaches.net apologizes to CSAC for the error and has corrected the post. In that same story, York Insurance Group was also incorrectly listed as an affected…
Category: Subcontractor
Oops! Error by Systema Software exposes millions of records with insurance claims data and internal notes (Update3)
Insurance carriers, third party administrators (TPAs), and self-insureds had claims data exposed when a cloud-hosted claims management service inadvertently left their databases and files unprotected on a public server. Another week, another infosecurity failure that exposed oodles of personal information. This time, it’s a leak that not only exposed insurance claims data, but allegedly included internal documents that reveal how…
NC: Charlotte-Mecklenburg Schools notifies 7,600 job applicants of privacy breach
Adam Bell reports: Charlotte-Mecklenburg Schools has notified about 7,600 job applicants that their personal information, including Social Security numbers, was shared with an outside contractor without their consent. […] In a statement Tuesday morning, CMS said that one of its employees entered into an agreement with a vendor prior to obtaining proper authorization, and that resulted…
CVS confirms customer data stolen in PNI Digital Media attack (updated)
There’s an update to the PNI Digital Media breach that affected the online photo centers for major retailers such as CVS, Costco, Walmart, RiteAid, Sam’s Club. The breach was first disclosed over the summer, but now AP reports that investigators for CVS have not only confirmed the hack, but some customers’ information may have been…
DoD Issues Interim Rule For Contractors on Incident Reporting and Cloud Computing Services
Joe Lazzarotti writes: Government contractors have a wide range of unique challenges (find out more about these here), not the least of which is data security. A good example is the interim rule the Department of Defense (DoD) issued last month that implements sections of the National Defense Authorization Act for Fiscal Years 2013 and…
UK: Bank details of thousands of Lloyds’s customers stolen from insurer
Hilary Osborne reports: Bank details of thousands of Lloyds Premier account customers have been taken from an insurer, and customers have been warned to take out cover against fraud. Some Premier Banking customers who had emergency cover from Royal Sun Alliance (RSA) through their paid-for accounts between 2006 and 2012 have been told that personal…