Corinne Riechert reports a follow-up to a breach previously noted on this site: The Australian Privacy Commissioner has accepted an enforceable undertaking from ARC Mercantile following a breach of personal customer data at the end of last year, which occurred when an ARC employee posted a spreadsheet of customers owing money to Optus on Freelancer.com. Read more…
MA: SSNs, addresses inadvertently posted on Walpole Police Dept.’s website
WFXT reports: Social security numbers, addresses, phone numbers and other personal information was accidentally posted on Walpole Police Department‘s website. The personal information was part of last week’s dispatch log. The dispatch log contains a record of all incidents officer responded to, and that includes all of the personal information that is redacted from the press…
Data Breaches Lead To Over 1 Billion Records Exposed In The First Half of 2016
Risk Based Security reports: Risk Based Security and RPS Executive Lines are pleased to announce the release of the latest installment of the Data Breach QuickView Report. The MidYear 2016 Report shows that, while the number of data breaches for the year is down approximately 17% compared to the same time last year, the number…
NE: Personal and medical information discarded after pharmacy closes business
Max Massey of KOLN reports that the former owner of Four Star Drug in Lincoln said he had shredded, or transferred all of the important documents once his store went out of business. Sometimes a picture does speak 1,000 words. Look at this stack of papers with social security numbers, medical history, prescriptions, and even papers labeled confidential….
SWIFT discloses more cyber thefts, pressures banks on security
Jim Finkle reports: SWIFT, the global financial messaging system, on Tuesday disclosed new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February’s high-profile $81 million heist at Bangladesh Bank. In a private letter to clients, SWIFT said that new cyber-theft attempts – some of them successful…
FTC Blog Post Outlines How NIST Cybersecurity Framework Relates to FTC Data Security Program
A new blog post from the Federal Trade Commission provides guidance to businesses on how the cybersecurity framework created by the National Institute for Standards and Technology (NIST) aligns with the FTC’s data security program. The post outlines the key elements of the NIST framework and how it relates to the FTC’s long-standing approach to data security….