It’s been a confusing few days for those trying to understand what T-Mobile press releases were really saying about what they found when they investigated claims on the Full Disclosure mail list. Their somewhat terse statements led some of us to conclude that they were saying that they had some evidence of data theft, while…
Category: U.S.
IN: Pharmacy pays fine for jeopardizing patient information
In 2006, WTHR in Indianapolis ran a series of investigative reports on how local pharmacies were trashing sensitive prescription information. Their series resulted in legislative and state investigations and rightfully earned them a Peabody Award for the series. But the impact of their series is still being felt. Today, they report that Low Cost Pharmacy…
Class action lawsuit filed over Aetna hack (updated)
Courthouse News Service reports that a class action claim has been filed against insurance giant Aetna as a result of the recent security breach in which hackers gained access to personal information about 450,000 employees, former employees and potential employees. At the time, Aetna stated that the incident exposed the SSN of approximately 65,000 people….
Update: T-Mobile confirms some data theft
I received an updated statement from T-Mobile overnight. Their revised statement confirms that at least some data were stolen, but they do not confirm that the breach described on the the Full Disclosure mail list was as extensive as the hackers claimed when they posted, “We have everything, their databases, confidental documents, scripts and programs…
Crawford & Company employee pleads guilty to stealing claimants’ personal information
Last week, I posted a copy of a press release from the US Attorney’s Office in Maryland stating that Shanell Angelia Bowser had pleaded guilty to stealing personally identifying information of insurance claimants submitted to her employer, described as an unnamed medical insurance adjuster. The release also mentioned that Bowser and/or her co-schemers had also…
Pointer: Commentaries on Merrick Bank v. Savvis
Last week, people started talking about a lawsuit first filed last year by Merrick Bank against Savvis Inc. The basis for the suit is that when Savvis audited CardSystems Solutions for compliance with the CISP security standards of the time, they gave them a clean bill of health. Merrick sued them after the breach, and…