Law360 reports: Neiman Marcus has agreed to pay $1.6 million to resolve a data breach class action in Illinois federal court over a December 2013 cyber intrusion that revealed the credit card data of 350,000 shoppers of the luxury retailer, according to a court document filed Friday. Read more on Law360 if you have a…
Google Points to Another POS Vendor Breach – Krebs
Brian Krebs reports: For the second time in the past nine months, Google has inadvertently but nonetheless correctly helped to identify the source of a large credit card breach — by assigning a “This site may be hacked” warning beneath the search results for the Web site of a victimized merchant. A little over a…
McDonalds India is leaking 2.2 million users data
Hackernoon writes: This is published under our responsible disclosure policy The McDonald’s India app, McDelivery is leaking personal data for more than 2.2 million of its users which includes name, email address, phone number, home address, accurate home co-ordinates and social profile links. We contacted McDelivery on 7th Feb and received an acknowledgement from a…
Children’s Hospital of Eastern Ontario employee breached privacy of nearly 300 patients
Shaamini Yogaretnam reports: A former part-time instructor at Algonquin College and CHEO employee shared the private information of 283 patients with students, prompting the end of their employment at the college and a privacy investigation at the hospital, the Citizen has learned. On March 10, Adam Vaughan received a concerning letter in the mail about…
UK: 26 million NHS patients’ records in security scare over SystmOne “enhanced data sharing”
Did no one really understand what “enhanced data sharing” would permit until now? Laura Donnelly reports: The medical records of 26 million patients are embroiled in a major security breach amid warnings that the IT system used by thousands of GPs is not secure. The Information Commissioner is investigating concerns that records held by 2,700 practices…
Affiliated Santé Group learned that patient info was exposed on GitHub for years
So there was another breach disclosed in January that I didn’t find out about until today. It’s an insider-error situation involving a software developer contractor who unintentionally exposed protected health information (PHI) of 550 patients on GitHub – for more than five years. Here is Affiliated Santé Group’s notification: January 30, 2017 RE: Notice of…