Giles Bruce reports yet another instance where a firm or covered entity closes and confidential data is just dumped, unshredded. I wish HHS and/or FTC would go after more of these situations and impose some serious consequences to send a clear message that this will not be tolerated. Medical tests. Copies of Social Security cards,…
Category: U.S.
Data hacked from U.S. government dates back to 1985: U.S. official
Andrea Shalal and Matt Spetalnick report: Data stolen from U.S. government computers by suspected Chinese hackers included security clearance information and background checks dating back three decades, U.S. officials said on Friday, underlining the scope of one of the largest known cyber attacks on federal networks. Of the four million federal employees whose data were…
Scammers get personal info from 150 people on U-M email system
John Counts reports: Some email accounts of University of Michigan students and staff have been compromised, according to an alert posted on the school’s public safety departmental website Thursday. The alert says that more than 150 people on the system have fallen victim to “phishing emails” this week. People who have clicked on the scam…
OK: Saint Francis Hospital Gift Shop Acts to Block Payment Card Security Incident
Saint Francis Health System (“Saint Francis”) takes seriously the privacy and confidentiality of the personal information provided to it by visitors to the Saint Francis Hospital gift shop. Regrettably, this notice is about an incident involving some of that information. On March 20, 2015, Saint Francis discovered that an unauthorized person remotely installed malware on the…
After breaches, higher-ed schools adopt two-factor authentication
Ann Bednarz reports: Payday didn’t go as planned on January 2, 2014, for some Boston University employees. On that day, about a dozen faculty members discovered their paychecks hadn’t been deposited into their bank accounts. Thieves had changed the victims’ direct deposit information and rerouted their pay. BU’s IT security team traced the attack to a phishing…
Eataly payment card breach spanned 3 months; NYC customers offered credit monitoring services
Eataly, the high-end Italian food market that announced a payment system breach provided additional details in an update: Eataly NY, LLC (“Eataly”) recently became aware of a personal information security incident possibly affecting certain individuals who made a payment card purchase at the Eataly NYC Retail Marketplace, located at 200 5th Avenue, New York, NY 10010 (the “NYC…