Isaac Wolf reports: A month ago, two phone carriers participating in a federal benefit program were alerted that sensitive customer records, including Social Security numbers and bank-account records, were freely posted online. Now, Oklahoma-based TerraCom Inc. and affiliate YourTel America Inc. — the companies that collected the records — say they don’t plan to notify…
Category: Subcontractor
Data breach puts DHS employees at risk of identity theft
Jason Miller reports: Tens of thousands of current and former Homeland Security Department employees are at risk of identity theft after officials discovered a vulnerability in the vendor’s system for processing background investigations. All DHS employees working in the headquarters office, for the Customs and Border Protection and for the Immigration and Customs Enforcement components…
Blaming the discoverer of a breach probably not a wise move
More on the Lifeline breach involving TerraCom and its affiliate YourTel America: Scripps Howard News Service has its report on the breach here, and has also published a companion piece with video of how they discovered the breach. As reported previously, Scripps reports that when notified of the leak, TerraCom had accused Scripps of accessing…
TerraCom notifies 150,000 Lifeline applicants after breach
Here’s a breach I didn’t see in the media but first learned of from the Wisconsin Office of Privacy Protection. According to that office, on April 26, 2013, TerraCom, a wireless learned of a security breach involving unauthorized access to personal data and downloaded files related to over 150,000 individuals. The data was stored on…
Two years after a vendor is hacked, OneWest Bank notifies customers
OneWest Bank has been notifying customers of a breach that occurred back in 2011. According to their letter, a copy of which they submitted to California under the state’s breach reporting requirements, the bank recently learned that one of our service providers, was the victim of an illegal and unauthorized intrusion into its network (“Network…
Sparks details attack and data theft
From their press release: The company behind Sparks, the app that is designed to help you connect with and meet new people nearby with whom you have shared interests, and which was first presented at SXSW in 2012, has given details of an attempted Denial of Service attack allegedly undertaken by an employee of their…