Justin Jouvenal reports: The cybersecurity expert and hacker claimed he created a sophisticated attack that allowed him to add unlimited funds to gift cards from major retailers — a security hole that could have resulted in huge losses for Starbucks, Kmart and Whole Foods Market. But the story the Springfield man told federal agents and The Washington…
Category: U.S.
Nine Defendants Plead Guilty in $20 Million Stolen Identity Refund Fraud Ring
There’s a follow-up to a case previously reported on PHIprivacy.net and on this site. From the U.S. Department of Justice: Alabama and Georgia residents pleaded guilty for their roles in a $20 million stolen identity refund fraud (SIRF) conspiracy, Acting Assistant Attorney General Caroline D. Ciraolo of the Justice Department’s Tax Division and U.S. Attorney George…
Hacked uni’s admins hand ID theft prevention reward to data burglars
I wish this was an April Fools’ Day prank, but it’s not. Alexander J. Martin reports that Bradley University’s response to their recent breach may just have made things worse for their employees. Keep in mind as you read the following that the breach involved Social Security numbers: The private institution then attempted to mitigate…
FTC and Wyndham Present Arguments on Whether FTC has Declared Unreasonable Cybersecurity Practices Unfair
Katherine Gasztonyi writes: On Friday, March 27, 2015, the Federal Trade Commission and Wyndham Worldwide Corp. filed supplemental briefing in the Third Circuit regarding whether the FTC had made an adjudicative decision that the FTC Act prohibits unreasonable cybersecurity practices and, if not, whether a federal court could hear a case charging a violation of the FTC Act…
MA: Life Care Center of Attleboro Notifies Former Patients and Employees of Missing Records
Patients at Life Care Center of Attleboro between 1992 and 2004, in 2006, or in 2011, may have been affected by a breach involving paper records. The breach involved storage vendor Iron Mountain, who was unable to locate the records during a limited audit. Although neither Iron Mountain nor Life Care Center of Attleboro seem to suspect data…
More details on the French Lick Resort payment card breach
In January, French Lick Resort in Indiana disclosed a malware-related breach affecting payment card data. On January 31, attorneys for Blue Sky Casino, LLC, the parent company, formally notified the Maryland Attorney General’s of the incident. The notification provides additional details on the incident, including the fact that the firm sent out 87,975 notification letters…