Jude Karabus reports: British clothes retailer Fatface has infuriated some customers by telling them “an unauthorised third party” gained access to systems holding their data earlier this year, and then asking them to keep news of the blunder to themselves. Several people wrote into The Register to let us know about the personal data leak, with reader…
Haven Behavioral Hospital provides Notice of Data Incident
Note: The following notice concerns Haven Behavioral Hospital of Philadelphia and Haven Behavioral Hospital of Eastern Pennsylvania. DataBreaches.net also found that Cottonwood Creek Behavioral Hospital, Phoenix, Frisco (Texas), and Dayton (Ohio) Haven hospitals all published identical notices yesterday. A notice on Haven Behavioral’s web site is not specific to any named hospitals, suggesting that this incident may…
Utah Becomes the Second U.S. State to Establish Affirmative Defenses for Data Breach
Alyssa Aquino, Judith Selby, and Joanna Storey of Hinshaw write: In enacting the Cybersecurity Affirmative Defense Act, HB80, (Act) on March 11, 2021, Utah became the second state in the U.S. to create affirmative defenses for “persons” to certain causes of action arising out of a breach of system security.[1] “Persons” is defined to include…
FL: Polk County Schools says student information may have been exposed in data breach
WTSP reports: If you have a student who goes to school in Polk County you might have gotten a letter from a company called PCS Revenue Control Systems, Inc. about a data breach. Don’t throw that letter away. The Polk County School District says it’s legitimate and you might need the instructions that come on it…
NZ: Privacy breach: IRD sent details of baby to complete stranger and paid her $240
Tamsyn Parker reports: A woman was shocked to find the details of an unknown baby had been added to her online Inland Revenue account and to receive a $240 back-dated payment for the child. Katie, who doesn’t want her last name used, said she received an email from the IRD last week to say her…
Solairus Aviation Notice Regarding Avianis Data Security Incident
PETALUMA, Calif., March 23, 2021 /PRNewswire/ — Today, Solairus Aviation, a US-based aviation services company whose core business is assisting owners with the safe, reliable, and economical operation of their aircraft, announced that it identified and addressed a data security incident related to one of its third-party vendors. On December 23, 2020, Solairus was notified by a third-party vendor,…