Chicago-based Assisted Living Concepts, LLC and its subsidiaries own and/or operate 200 assisted living facilities in 20 states. ALC uses an external vendor to process its payroll for its employees. On February 14, the vendor notified ALC that they had detected unauthorized access to ALC’s payroll database. Investigation revealed that ALC’s login credentials had been…
Category: Subcontractor
EMC notifying some employees after vendor error disclosed their names and SSNs to unauthorized parties
EMC is notifying employees after an unnamed vendor’s employee mistakenly sent out an Excel file with their personal information to parties not authorized to have their personal information. The error, which occurred on January 7, occurred because a quick glance at the file did not reveal the hidden fields containing their names, SSN, and old…
OR: Office landlord fined after trashing mortgage records in course of eviction
Eliot Njus reports: The owners of a Northeast Portland office building have been fined after a state regulator said its cleaning service threw 30 boxes of mortgage records into an unlocked trash bin while evicting a mortgage company. The Oregon Department of Consumer and Business Services has ordered 122nd Group LLC to pay $5,000 for failing to…
An update regarding your REDcard and the data breach
Ken Hess, a Target customer, received an update letter about the Target breach which he posted in its entirety on ZDNet. There is really nothing particularly new in the letter, other than Target says they (still) have no evidence of any misuse of their branded RED cards and only a “low amount” of misuse of…
Well.ca loses customer credit card data in security breach
Candice So reports: Well.ca, a Canadian online retailer for health and beauty products, has suffered a data breach, potentially losing the credit card information of some of its customers. In an email to its customers today, Well.ca said one of its service providers was “illegally compromised” between Dec. 22, 2013, and Jan. 7, 2014. The company…
TD Bank offers UNH students credit monitoring services after e-mail security lapse (update)
TD Bank is a service provider for the University of New Hampshire. On January 16, an employee e-mailed a file containing 674 students’ names and bank account numbers to the university, but failed to e-mail them in adherence with security protocols. The recipient notified the bank immediately. The university maintains the bank account numbers of…