From their statistics: Intrusion Attempts (Blocked): 358,163,688 Malware (Blocked/Contained): 1,190,896,611 Suspicious/Malicious Emails (Blocked): 81,343,076 Outgoing Unencrypted Emails: 1,136 Associated Privacy/Security Events 18,589 Total Emails Blocked Lost and Stolen Device Incidents: 50 Lost PIV Cards: 154 Mishandled Incidents: 105 Mis-mailed Incidents: 165 Paper Mis-mailings, 7 Pharmacy-item Mis-mailings out of 7,465,613 Total Mailings In terms of specific incidents reported, a cooler containing lab specimens…
Category: Subcontractor
Travelers, Ignition Studio agree to dismiss lawsuit over Alpine Bank data breach
Law360 reports that Travelers Casualty and Surety Co. has settled its lawsuit against Ignition Studio Inc. The suit had alleged that Ignition Studio had not adequately secured Alpine Bank’s web site, resulting in a hack in 2012. Yesterday, both parties stipulated to the “dismissal of this action in its entirety with prejudice, each party to bear its…
Biggby Coffee warns of data security breach impacting customers and job applicants
Lindsay VanHulle reports: Biggby Coffee today said it was the target of a security breach that potentially exposed customers’ names, addresses, phone numbers, email addresses and employment histories. The East Lansing coffee chain did not say how many customers were affected. But Biggby said their data might have been compromised when they registered a frequent…
NJ: Weak password blamed in Swedesboro school hack
Carly Q. Romalino reports: A weak network password allowed hackers to infiltrate a Gloucester County school district’s network last week, holding its files hostage for more than $125,000, according to Educational Information and Resource Center experts. A ransomware attack on Swedesboro-Woolwich Elementary School District’s network last week interrupted state-mandated testing and locked down network files…
Let’s send an unencrypted thumb drive via mail. What can possibly go wrong, right?
No, Human Resource Advantage. You do not get to put an unencrypted thumb drive with employee records in the regular mail to TrustHCS and then claim you take the security of personal information in your control “very seriously.” From your own investigation, that drive contained names, Social Security numbers, dates of birth, bank account information, postal…
Nite Ize notifies consumers after hack at services provider
I really don’t understand why businesses that have had customer data hacked at their hosting provider do not name the host or third party. Why shield them from bad publicity when their security failure led to the business taking a reputation hit? Here’s another example, this one from Nite Ize, who was notified of a breach…