Lawyers for Chart Industries, Inc. recently notified [pdf] the New Hampshire Attorney General’s Office that eight of Chart Industries’ laptops were stolen on the evening of July 23 from their corporate offices in Garfield Heights, Ohio. The theft was discovered the next morning and immediately reported to the police. Chart discovered the theft on Friday…
Category: U.S.
Lockheed Martin: hard drive not totally wiped
Lockheed Martin recently notified some former or current employees that a hard drive that formerly belonged to them had been found for sale on eBay by academic researchers participating in a global research project. The researchers turned the drive over to the FBI when they found some employee data still readable on the drive. According…
Stolen NY Life Insurance laptop had customer info
For the second time in as many months, New York Life Insurance is notifying customers of a data breach. In the newest incident, a laptop containing unencrypted customer information was stolen from an employee’s vehicle in a “smash and grab.” In a somewhat unusual notification [pdf] to the New Hampshire Attorney General’s Office, NY Life…
Wells Fargo employee accused of accessing customers’ accounts
A Wells Fargo Bank employee working inside a bank call center was arrested Friday for accessing customer accounts and taking money out, according to the U.S. Attorney’s office. Ronita Prasad, 28, of Antelope gained access to customer accounts through a protected system without authorization. She used customer account access to pay her own debts, open…
Amex cardholders’ data stolen by employee
A lot of sites are posting a news story with almost no details involving American Express. From what I read elsewhere about the notification, this is likely the incident that was reported here last month.
An open letter to Heartland CEO Robert Carr
Rich Mogull of Securosis joins Mike Rothman in taking Heartland Payment Systems CEO Bob Carr to task for his comments that seemed to shift responsibility for the breach to the assessors who told them they were PCI-compliant: […] PCI compliance means you are compliant at a point in time, not secure for an indefinite future….