Last week, people started talking about a lawsuit first filed last year by Merrick Bank against Savvis Inc. The basis for the suit is that when Savvis audited CardSystems Solutions for compliance with the CISP security standards of the time, they gave them a clean bill of health. Merrick sued them after the breach, and…
Category: U.S.
OH: Dining Services faces security debacle
Everdeen Mason of Ohio State University’s student paper, The Lantern, reports: It’s been a rough end of the term for Ohio State Dining Services. The director of Dining Services, Thomas Stevenson, has resigned from his position, and 350 student employees had their social security numbers accidentally leaked in an e-mail. “There is absolutely no connection…
T-Mobile USA investigating claims they were hacked
An email posted to the Full Disclosure mail list on Saturday by pwnmobile_at_Safe-mail.net claims: Like Checkpoint Tmobile has been owned for some time. We have everything, their databases, confidental documents, scripts and programs from their servers, financial documents up to 2009. We already contacted with their competitors and they didn’t show interest in buying their…
FL: Clerks fired for using classified database as Match.com
The Associated Press reports that Carol Bass and Helen Lehman, both records clerks at the Fort Myers Police Department, were fired in March after reportedly misusing a classified search database to look up people one of them was considering dating. It’s nice to read more reports of people actually being fired for inappropriate use of…
Stolen laptop contained AARP employee data
AARP, the nonprofit association oriented to people over age 50, sent a letter to the New Hampshire Attorney General’s Office on June 3, informing Attorney General Ayotte that they had recently learned that a laptop was stolen from an employee’s home. The laptop, which was stolen on May 22, contained the names, social security numbers,…
Vocus employees notified of possible breach
I think I jinxed Vermont. I had just called them two days ago to inquire whether they really had had no breaches reported since February or if they were just behind in updating their web site. I was told that there had been no breaches to add to that site (although there are other state…