When your employees’ data are up for sale on the dark web, that’s a pretty good indicator you’ve had a breach – if the data are valid. Joseph Cox reports: Apparent names, email addresses, phone numbers, and other information relating to some 40,000 Cox Communications employees is currently advertised on a marketplace specialising in stolen…
Category: U.S.
CFPB fines start-up Dwolla $100,000 for misrepresenting its data security
It’s not just the FTC looking at your security and your representations to clients about the security of your product. While the FTC recently settled charges against Henry Schein Practice Solutions for advertising a Dentrix product as providing “encryption” when it didn’t, the Consumer Financial Protection Bureau is also taking aim at companies that mislead consumers about security,…
PA: FBI investigates Main Line Health Spear Phishing Incident (UPDATED)
Another day, another successful phishing scheme. In late afternoon on March 1, 2016, Main Line Health learned of a “spear phishing” incident that affected the personal information of all Main Line Health employees. Main Line Health immediately alerted federal authorities, including the IRS and FBI, regarding this incident and is cooperating with their investigation. No…
Eye Institute of Corpus Christi notifies patients of breach
Here’s yet another case where patients’ personal information and protected health information was stolen and used to solicit patients to another practice. The Eye Institute of Corpus Christi, through its external counsel, disclosed that on January 6, they learned that individuals associated with doctors formerly employed by the Eye Institute copied the patient database and provided…
Central Concrete Supply notifies employees of breach involving W-2’s
Another business discloses a breach that sounds like it might have been another business email compromise (impersonation) scam: We are writing to tell you about a data security incident that may have exposed some of your personal information as an employee of Central Concrete Supply Co., Inc., Right Away Redy Mix, Inc., or Rock Transport, Inc….
Leader Of Global Cybercrime Campaigns Pleads Guilty To Computer Intrusion And Access Device Fraud Conspiracies
There’s an update to a previously reported case involving a Turkish man accused of involvement in a massive scheme that netted over $50 million from financial institutions: Earlier today, Ercan Findikoglu, a Turkish citizen also known by the online nicknames “Segate,” “Predator,” and “Oreon,” pleaded guilty to computer intrusion conspiracy, access device fraud conspiracy, and effecting transactions with…