From the Information Commissioner’s Office: A financial services company with operations in the UK, USA and Middle East breached the Data Protection Act by losing over 600 customers’ personal details, the Information Commissioner’s Office (ICO) said today. E*Trade Securities Ltd discovered that a large number of customer files were missing in April 2010 when they…
Category: Subcontractor
UK: Basildon Council staff personal data published online
Details of an Essex council’s entire workforce were released online in a “serious security breach”, it has said. Names, dates of birth, sickness information and work contact numbers for Basildon Council’s staff of “about 1,000” were published on the internet. A council worker spotted the breach on Monday and the details were removed by Tuesday,…
IL: Report cards mistakenly delivered to emergency contacts
Melissa Jenco reports: Naperville Unit District 203 may not get very high marks in the subject of report card distribution this semester. The district recently learned copies of some high school students’ report cards were accidentally sent to the person listed as their emergency contact. Chief Information Officer Roger Brunelle said a vendor made an…
CA: Sequoia Hospital vendor posted hospital employees’ personal information online
Aaron Kinney reports: A contractor working for Sequoia Hospital inadvertently posted the personal information of 391 current and former hospital employees on a public website, where it stayed for four years, the hospital said Thursday. An employee for Towers Watson, an international professional services firm, posted the information in October 2007, hospital CEO Glenna Vaskelis…
GA: Tough Questions for staffing agency about discarded documents
Bernard Watson reports on a breach involving Staffing Solutions that they had reported last week. In this case, I think a business may get a bad rep for something that really wasn’t their fault at all. See what you think: “We will keep your information secure.” That is the mantra Shawn Poole has based his…
Update 101domain.com
As an update to the breach previously noted on November 27, 101domain.com’s notification to the New Hampshire Attorney General’s Office reveals some additional details, including a statement that all of the data were encrypted. That wasn’t mentioned in their notification letter or previous coverage, and I’m a bit surprised that they wouldn’t have made…