Scott Daugherty reports: They drove up and down the East Coast trying to break into Wells Fargo mortgage offices, according to court documents. New York, New Jersey, Pennsylvania, Connecticut and Maryland. Thirteen locations in all. Jeffrey “Lef” Washington and his crew weren’t interested in cash, though. The money would come later. They wanted the personal…
Category: U.S.
United website breach let fliers see each others’ private data
I reported on the United Airlines MileagePlus incident earlier this month, but now Cory Doctorow is reporting yet another breach involving United Airlines: My wife came back from giving a conference speech in Las Vegas in December with the weirdest story: when she fired up the United check-in mobile site, she found herself looking at…
Former IRS employee pleads guilty to tax fraud
SAN FRANCISCO – Valorie Shaw pleaded guilty in federal court in San Francisco today to conspiracy to file false claims. In pleading guilty, Shaw, 38, of Oakland, admitted that for the past three years she was employed as a tax return preparer at “Kwiktax”. Prior to working at Kwiktax, she held a variety of…
TX: Tax documents from BBS, Inc. found in dumpster
A Houston tax preparer, BBS, Inc. (also known as Bill’s Bookkeeping Service) linked to hundreds of improperly discarded documents containing personal information said that an employee was to blame for the improper disposal. Joel Eisenbaum reports on Click2Houston.
French Lick Resort confirms guest credit card information stolen after malware went undetected for 9 months
WDRB reports: The French Lick Resort says a data breach may have compromised its credit card system. Guests and visitors of the resort may have had their credit card information compromised, if they used a card between April 23, 2014 and Jan. 21, 2015. An investigation with a data security company showed that malware had…
U. Chicago hacked by Carbonic – claim (Updated)
It appears we should add the University of Chicago to schools hacked by Carbonic. And yes, chalk it up to another SQLi vulnerability. In a statement to DataBreaches.net, @MarxistAttorney reported that they got payroll information, employee IDs and a “substantial amount of information they didn’t publicize.” A copy of the url vulnerable to SQLi exploit was…