Although Sally Beauty acknowledges that 25,000 payment cards may have been compromised in a recently disclosed breach, Brian Krebs challenges their statement by analyzing the zip codes of card data up for sale on an underground market, rescator.so. You can read his analysis here, but the short version is that Brian speculates that all Sally Beauty…
More TD Bank insider breaches
On March 1, I blogged about numerous insider breaches TD Bank has reported in the past few years. I updated that report on March 9 with even more breaches that I uncovered via public records that were subsequently made available. Today, I received a response to a public records request to the North Carolina Attorney…
Ca: Lost hard drive with student loan data lacked password protection
Daniel Bitonti reports: A portable computer hard drive containing the personal information of more than 500,000 student loan recipients was left unsecured for extended periods of time by government employees and was not protected by a password or encryption, Canada’s top privacy watchdog says. In a report tabled in Parliament on Tuesday, interim federal privacy…
UK funders get tough on privacy breaches
Ewen Callaway writes: Leading UK organizations that fund research have threatened to revoke the funding of scientists who determine the identities of participants in medical and genomic studies who had expressed a wish to remain anonymous. The warning was issued on 24 March by the Medical Research Council and the Economic and Social Research Council…
Personal Records Thrown In Dumpster From Topeka Dental Service Company
WIBW in Kansas reports: Last week 13 News reported about confidential records found in a dumpster behind a Topeka office building. Since then, 13 News has been investigating to find out where those documents came from, and it seems the origin isn’t too far away from where they were found. […] Jim found an additional…
KY: UK HealthCare warns 1,079 patients after laptop with their info stolen from Talyst employee
LEX18 reports: UK HealthCare [University of Kentucky HealthCare] is notifying more than 1,000 patients about a breach of protected health information. Officials say someone stole a password protected lap-top owned by a business partner of the hospital. They say that laptop contains confidential information about current and former patients. Read more on LEX18 A statement…