Candice So reports: Well.ca, a Canadian online retailer for health and beauty products, has suffered a data breach, potentially losing the credit card information of some of its customers. In an email to its customers today, Well.ca said one of its service providers was “illegally compromised” between Dec. 22, 2013, and Jan. 7, 2014. The company…
Category: Subcontractor
TD Bank offers UNH students credit monitoring services after e-mail security lapse (update)
TD Bank is a service provider for the University of New Hampshire. On January 16, an employee e-mailed a file containing 674 students’ names and bank account numbers to the university, but failed to e-mail them in adherence with security protocols. The recipient notified the bank immediately. The university maintains the bank account numbers of…
Pharmacy benefits management firm notifies clients’ employees whose data were stolen by employee for tax refund fraud (update1)
Tampa-based My Matrixx provides pharmacy and ancillary services for workers’ compensation programs. In November 2013, they were contacted by federal law enforcement and notified that a former employee of theirs in Florida was under investigation for filing fraudulent tax returns. By that time, the employee was no longer in their employ, but they were asked not…
Paragon Benefits employee pleads guilty to stealing TSYS and Kelley Mfg. employee data
Brittany Dionne reports the update to a case previously noted on this blog: The man accused of identity theft of more than 5,000 people at TSYS has pleaded guilty. Drew Johnson pleaded guilty to Unlawful Transfer and Possession or Use of a Means of Identification this morning at the federal courthouse in Columbus. The 26-year-old…
Email Attack on Vendor Set Up Breach at Target
Brian Krebs reports: The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. Read more on KrebsOnSecurity.com
Statement on Target data breach by HVAC vendor Fazio Mechanical Services
Statement on Target data breach Fazio Mechanical Services, Inc. places paramount importance on assuring the security of confidential customer data and information. While we cannot comment on the on-going federal investigation into the technical causes of the breach, we want to clarify important facts relating to this matter: Fazio Mechanical does not perform remote monitoring…