John Ribeiro reports that a potential class action lawsuit has been filed against eBay in the wake of its disclosure of a breach: The consumer privacy class action lawsuit, filed Wednesday by Collin Green, a citizen of the state of Louisiana, alleged that the security breach was the result of eBay’s inadequate security in regard…
Category: U.S.
OK: Payne County treasurer’s office tosses sensitive documents in dumpster
Paige Hill reports that the Payne County assessor’s office noticed a dumpster full of documents and files with personal information including social security numbers – but before anything could be done, a dump truck hauled all the papers away. County Assessor James Cowan says he noticed documents that date from the 1980′s to 2008. Read more on…
Board OKs pact to protect U. Maryland security breach victims
Michael Dresser reports: The state Board of Public Works approved a contract worth an estimated $2.6 million Wednesday for a firm to monitor the credit activity of an estimated 300,000 people whose personal information was exposed as a result of a computer security breach discovered at the University of Maryland early this year. The board…
Massage school data breach may rub alumni the wrong way
Six hundred and eighty-three Maryland residents who are alumni of the Baltimore School of Massage (BSOM) and Baltimore School of Massage’s Steiner Institute of Esthetics are being offered three years of free credit monitoring, identity protection, and identity theft restoration services following on email error that exposed their information. On June 17, an employee accidentally…
FERPA does not require data breach disclosure
Over on PogoWasRight.org, I’ve recapped the U.S. Education Department’s responses to privacy complaints filed by parent and students under the Family Educational Rights and Privacy Act (FERPA). In going through the data provided to EPIC in response to their Freedom of Information Act request, I noted that in a few cases, the Family Policy Compliance…
Aloha point-of-sale terminal, sold on eBay, yields security surprises
Breaches involving point of sale (POS) systems in retail stores and the hospitality sector are all-too-common, and Aloha POS has been mentioned on this blog in some past breaches. Now Jeremy Kirk reports: Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal — a brand of computerized cash register…