Hold Security reports: After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian). The CyberVor gang amassed over 4.5 billion records, mostly…
Vibram’s hosting provider hacked; customers’ credit card numbers compromised
Vibram is notifying some customers that their third-party hosting provider was hacked and that customers making online purchases at vibramfivefingers.com between June 6 and July 7 may have had their credit card numbers compromised. As a result of the breach, the manufacturer and retailer of five-finger running shoes is taking its hosting business to another provider,…
Western Regional Center For Brain And Spine Surgery employee stole patient information for fraudulent activities
A recent update to HHS’s public breach tool shows that Western Regional Center For Brain And Spine Surgery reported a breach affecting 12,000 patients. The breach began on November 28, 2011 until June 29, 2012 and involved “theft, network server.” A letter sent to patients, dated July 9, 2014, explains that on or about May…
Erie feds: IDs stolen from NYC welfare records
Lisa Thompson reports: More than 400 of the identities stolen in a massive Erie federal wire fraud case appear to have been lifted from the case records of New York City public assistance clients, a federal prosecutor said. Federal investigators believe one of the Nigerian defendants recently indicted in Erie in a $10 million identity…
Target’s Data Breach Is Going To Cost The Company Even More Than It Previously Thought
Myles Udland reports: Target’s data breach just got more expensive. In a statement, the retailer said its second quarter earnings will include a $148 million charge related to losses regarding the massive data breach which occurred during last year’s holiday shopping season. This is more than the company previously estimated. Read more on BusinessInsider
NIST Unveils Security, Privacy Control Assessment Guide Draft
Anna Forrester reports: The National Institute of Standards and Technology has released a draft guidance for federal agencies, contractors and the intelligence community to evaluate the privacy and security controls used on federal information systems and information technology networks NIST said Friday that the “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans” document (SP…