Remember how I posted about how some frustrated researchers at Gibson Security had gone public with a SnapChat vulnerability that the firm allegedly hadn’t addressed? Well, now it seems 4.6 million SnapChat users’usernames and phone numbers have been leaked.
Category: U.S.
Accretive Health Settles FTC Charges That It Failed to Adequately Protect Consumers’ Personal Information
From the FTC, a follow-up on a breach that was first disclosed in September 2011, and that I’ve covered a number of times on PHIprivacy.net (see these articles). Regular readers may recall that Accretive was also sued by Minnesota’s Attorney General. That suit settled for $2.5 million in July 2012. Accretive Health, Inc., a company that…
Actelis Networks reports theft of safes with Human Resources files
Lawyers for Actelis Networks have notified the New Hampshire Attorney General’s Office of the theft of two safes containing some Human Resources files with personal information. In their notification dated December 13, they explain that two safes with password-protected files were stolen on December 7 or 8. The theft was reported to law enforcement. Files…
T-Mobile USA customers to be notified of security breach at supplier’s (update 2)
It looks like T-Mobile USA will be sending out breach notification letters to customers after the New Year. A template of their notification letter, uploaded today to California’s breach site, explains: We are writing to inform you of a recent incident of unauthorized access to a file stored on servers owned and managed by a…
Following hack, RegistratioNation discovers some customer data was inadvertently being stored on its server (updated)
RegistratioNation is a provider of automated online payment processing and database management for event registrations. On December 23, their attorneys notified the New Hampshire Attorney General’s Office of an intrusion that occurred on November 4, 2013. The intrusion was discovered on November 22, and during investigation, the firm discovered that although payment card information was supposed…
Orient-Express Hotels notifies guests after data security breach (updated)
The Orient-Express Hotels Ltd. and its subsidiaries have notified an unspecified number of customers of a breach involving their credit card information. On September 24, 2013, the luxury travel firm learned that an unauthorized individual had gained access to seven corporate e-mail accounts between July 2013 and September 24. Customers’ names, payment card numbers, card…