ID Parts, LLC is notifying approximately 12,000 customers that malware inserted in their server for their e-commerce site (idparts.com) may have captured payment card information between January 2014 and October 28, 2014. ID Parts was alerted to the breach by American Express, whose fraud investigation had pointed to ID Parts as the common point of…
FTC Charges Data Broker with Facilitating the Theft of Millions of Dollars from Consumers’ Accounts
Press release from the FTC: A data broker operation sold the sensitive personal information of hundreds of thousands of consumers– including Social Security and bank account numbers – to scammers who allegedly debited millions from their accounts, the Federal Trade Commission charged in a complaint filed today. According to the FTC’s complaint, data broker LeapLab bought…
Throwing Money at Data Breach May Make It Worse – Survey
From the University of Arkansas on Newswise: Information systems researchers at the University of Arkansas, who studied the effect of two compensation strategies used by Target in reaction to a large-scale data breach that affected more than 70 million customers, have found that overcompensation of affected customers may only raise suspicions rather than satisfy customers’…
Entry Point of JPMorgan Data Breach Is Identified
Oops. An overlooked server that was not configured for two-factor authentication became the weak link in JPMorgan’s defenses. Matthew Goldstein, Nicole Perlroth, and Michael Corkery report: The computer breach at JPMorgan Chase this summer — the largest intrusion of an American bank to date — might have been thwarted if the bank had installed a simple…
MI: Lawsuit over Henry Ford Health data breach dismissed by appellate court (updated)
AP reports: The Michigan appeals court has reversed a decision and dismissed a lawsuit filed on behalf of 159 people in the Detroit area whose medical records were mistakenly made available online. There’s no dispute that a contractor at Henry Ford Health System made a mistake in summer 2008. But the court notes there’s no…
PA: Police investigate student data breach at South Western High School
Jennifer Wentz reports: Penn Township police are investigating a data breach at South Western High School. The district discovered Dec. 18 that an unauthorized person accessed social security numbers of students attending the school in the 2006-2007 and 2014-2015 school years, according to a letter sent to district parents Dec. 19. Police do not believe…