It’s not just the FTC looking at your security and your representations to clients about the security of your product. While the FTC recently settled charges against Henry Schein Practice Solutions for advertising a Dentrix product as providing “encryption” when it didn’t, the Consumer Financial Protection Bureau is also taking aim at companies that mislead consumers about security,…
Category: U.S.
PA: FBI investigates Main Line Health Spear Phishing Incident (UPDATED)
Another day, another successful phishing scheme. In late afternoon on March 1, 2016, Main Line Health learned of a “spear phishing” incident that affected the personal information of all Main Line Health employees. Main Line Health immediately alerted federal authorities, including the IRS and FBI, regarding this incident and is cooperating with their investigation. No…
Eye Institute of Corpus Christi notifies patients of breach
Here’s yet another case where patients’ personal information and protected health information was stolen and used to solicit patients to another practice. The Eye Institute of Corpus Christi, through its external counsel, disclosed that on January 6, they learned that individuals associated with doctors formerly employed by the Eye Institute copied the patient database and provided…
Central Concrete Supply notifies employees of breach involving W-2’s
Another business discloses a breach that sounds like it might have been another business email compromise (impersonation) scam: We are writing to tell you about a data security incident that may have exposed some of your personal information as an employee of Central Concrete Supply Co., Inc., Right Away Redy Mix, Inc., or Rock Transport, Inc….
Leader Of Global Cybercrime Campaigns Pleads Guilty To Computer Intrusion And Access Device Fraud Conspiracies
There’s an update to a previously reported case involving a Turkish man accused of involvement in a massive scheme that netted over $50 million from financial institutions: Earlier today, Ercan Findikoglu, a Turkish citizen also known by the online nicknames “Segate,” “Predator,” and “Oreon,” pleaded guilty to computer intrusion conspiracy, access device fraud conspiracy, and effecting transactions with…
Data breach at Illinois State University involving payments to employees
Adam Studzinski reports that a data breach at Illinois State University caused the payroll of 13 university employees to be misdirected. But from the coverage, it doesn’t sound like their payments were misdirected to other employees, but rather, to criminals. The university is investigating how the breach occurred. Groves added it appears at least five other universities…