I’ve recently seen a number of reported breaches involving unnamed payroll vendor(s). I wish notification letters would name the breached vendor(s) so we’d know if it’s the same vendor or if a bunch of payroll vendors have recently been successfully attacked. Today’s report is from Sorenson Communications, who notified U.S. Sorenson Communications and CaptionCall@ employees that…
Category: U.S.
Chicago’s Trustwave sued over Target data breach
Ooh. Trustwave has been sued for their role in the Target breach. The plaintiffs in the potential class action lawsuit are Green Bank and Trustmark Bank John Pletz reports: Although the most serious allegations are leveled at Target, the suit alleges that Trustwave failed to identify deficiencies in the retailer’s IT systems. Trustwave’s software audits companies’ IT systems…
Judge Refuses to Dismiss Confession, Evidence in Reuters Employee Hacking Case
Kim Zetter reports: A federal judge has refused to dismiss a recorded confession and computer evidence collected in the case of a former Reuters employee accused of conspiring with members of Anonymous to hack his former employer. Matthew Keys, 26, sought to throw out his confession on the grounds that he was on an antidepressant…
Data breach involving card payment data at California Department of Motor Vehicles – Krebs (update 3)
Brian Krebs reports that what’s already been a bad month for California residents in terms of data breaches just got worse: The California Department of Motor Vehicles appears to have suffered a wide-ranging credit card data breach involving online payments for DMV-related services, according to banks in California and elsewhere that received alerts this week about compromised cards…
VA: Security breach leaves Richmond firefighters’ social security numbers exposed
WTVR reports: Though the Richmond Fire Department spokesperson believes it was a mistake, a file containing all department Social Security numbers was exposed online. A file was created that contained all department Social Security Numbers, it was a file created for users that needed access to the information, according to Lt. Robbie Hagaman. For example, if…
Law firm notifies employees after vendor’s server accessed
So here’s another case where a vendor’s database was accessed by someone who was able to acquire a client’s login credentials: The international law firm of McKenna Long & Aldridge notified the Maryland Attorney General’s Office on February 26 that 441 current and former employees’ W-2 information and other information were involved: As a result…