Marcia Lense reports: The Illinois Department of Insurance announced an inadvertent data release, that exposed critical personal information. According to a news release, the department received a complaint that Social Security numbers from a health care provider could be seen. The department says it had sent filings from Blue Cross Blue Shield to the System…
Category: U.S.
Common Market in Maine notifies customers of payment card breach
I’m not sure that posting a breach notification on a Facebook page is sufficient when you also have a web site where you could post the announcement. Assuming everyone is on Facebook is risky. Case in point: Common Market in Union, Maine, posted this on their Facebook page on October 30. ATTENTION COMMON MARKET CUSTOMERS…
Mystery Remains of Who Had Fingers on Keyboard in JPMorgan Hack
Michael Riley and Chris Strohm report: A key figure is missing in the court documents outlining the biggest computer attack ever of the U.S. financial system: the actual hacker. The Israeli mastermind of the crime syndicate with global operations — computer servers in Egypt, online casinos in Ukraine and Hungary, Azerbaijan payment processors and a…
MA: Theft of two registrar’s laptops put Brandeis University students’ data at risk (Updated)
Abby Patkin reports: Two Apple laptops containing academic and personal information for all students enrolled or taking a course at the University from the summer of 2012 to the present were stolen from the University Registrar, according to a Nov. 12 email sent by Marianne Cwalina, the senior vice president for finance and treasurer. The…
OPM’s $20M contract for ID theft protection violated federal rules
Can OPM do anything right? In this week’s installment of their totally infuriating breach and breach response saga, it appears that they didn’t follow proper procedures in awarding a contract for ID theft monitoring services for breach victims. Jack Moore reports: The inspector general of the Office of Personnel Management says a $20 million sole-source…
Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege
Jordan Smith and Micah Lee report: An enormous cache of phone records obtained by The Intercept reveals a major breach of security at Securus Technologies, a leading provider of phone services inside the nation’s prisons and jails. The materials — leaked via SecureDrop by an anonymous hacker who believes that Securus is violating the constitutional rights of inmates — comprise over…