Even when you don’t disclose personal information, you may get a bad reputation if your vendor sends email to the wrong parties, as this incident suggests: An email intended for applicants to a new online program at the University of Virginia instead was sent by a third-party vendor to a marketing list of people with…
Category: Subcontractor
Datapak notifies customers that malware may have been capturing their credit card information since March (Update4)
Datapak Services Corporation, an order fulfillment and payment processor based in Swanee, Georgia, recently learned that malware placed on their system on March 5 may have compromised the credit card information of customers of “several” e-commerce web sites. In a letter dated October 3, they note that customers’ names, addresses, and card numbers with expiration…
GA: Hundreds at risk for ID theft after info was taken from charity
Rachel Stockman reports: Melanie Miller, founded Suddenly Single Parents Inc., a non-profit that helps young parents, said she found all of the agency’s belongings gone after her property management company hired a mold remediation company to cleanup the office on Gresham Road. When she returned from the weekend clean up, the charity’s stuff, including furniture…
Some TD Bank customers’ information sent to other customers
Jennifer Gannon reports Some customers of TD Bank had their information sent to other customers because of what the bank called a vendor error. TD Bank said a national firm responsible for printing and mailing statements accidentally sent some customers statements that had other customers’ information on the back. Stephania Pearce was balancing her checkbook…
One year after data theft, Primedia (RentPath) employees and applicants notified of breach
I could have sworn I had posted something about the Primedia (formerly RentPath) breach, but maybe I just tweeted it and forgot to blog it. Thankfully, Jeff Goldman of eSecurity Planet provided a preliminary media report in June. This blog post incorporates an update to the incident. Back in May, attorneys for Primedia notified at…
Windhaven Investment Management notifies customers months after vendor-maintained server was hacked (update 3)
Windhaven Investment Management is notifying clients that a server maintained by an unnamed vendor suffered an unauthorized intrusion several months ago. As a result, customers’ names, account numbers, custodians, and investment positions for their Windhaven account(s) may have been accessed. Neither Social Security numbers nor dates of birth were exposed. Windhaven learned of the intrusion last month, but…