Following a public comment period, the Commission has approved a final consent order in the CVS Caremark case involving failure to adequately secure customers’ medical and financial data. Prior coverage of the case can be found here. Additional documents on the case can be found here. According to the complaint, CVS Caremark did not implement…
Category: U.S.
Analysis of Savvis’ Motion to Dismiss Lawsuit
David Navetta has written a clear and helpful analysis of Savvis’ motion to dismiss Merrick Bank’s lawsuit against Savvis, arising out of the CardSystems Solutions breach.
Security Breach Announced at Cornell
A stolen Cornell University computer has compromised the personal information of thousands of members of the University community. The computer contained the names and social security number of current and former students as well as current and former faculty and staff members. An e-mail obtained by WVBR said that currently, no misuse of this sensitive…
TJX Settles with 41 States
TJX announced that it has settled with 41 Attorneys General over its massive data breach that they disclosed two years ago. In its statement, TJX denied that it broke any laws, saying, “TJX firmly believes that it did not violate any consumer protection or data security laws.” Under the terms of the settlement, as described…
Beam Global reports breach of human resources database
On June 15, attorneys for Beam Global Spirits & Wine, Inc. informed (pdf) the New Hampshire Attorney General’s Office that there had been unauthorized access of a Human Resources/Payroll database by a former employee back in February. Notification of individuals was delayed reportedly at the request of law enforcement. When it discovered the breach, the…
Bits ‘n Pieces
In the justice system: Desire Gordon was indicted on 67 counts of suspicion of stealing at least 34 identities that she allegedly accessed at her job at an unnamed Waltham-based company. Many of the ID theft victims are doctors. Gordon had access to a large database of health care professionals that contained their personal information….