Oliver Laughland, Paul Farrell and Asher Wolf report: The personal details of a third of all asylum seekers held in Australia – almost 10,000 adults and children – have been inadvertently released by the Department of Immigration and Border Protection in one of the most serious privacy breaches in Australia’s history. A vast database containing…
Ex-employee of Birmingham Social Security office pleads guilty to stealing from beneficiaries
Kelsey Stein reports a follow-up to an insider breach for tax refund fraud involving the Alabama Social Security Department: A former employee of the Social Security Administration office in Birmingham at a hearing Tuesday pleaded guilty to stealing information and benefits. Tabaris Archie Brown, 35, of Montgomery, entered a guilty plea at a hearing Tuesday morning…
Well.ca loses customer credit card data in security breach
Candice So reports: Well.ca, a Canadian online retailer for health and beauty products, has suffered a data breach, potentially losing the credit card information of some of its customers. In an email to its customers today, Well.ca said one of its service providers was “illegally compromised” between Dec. 22, 2013, and Jan. 7, 2014. The company…
UK: NHS in England delays sharing of medical records
Peter Walker and James Meikle report: The NHS delayed for at least six months a controversial plan to share data from people’s medical records on Tuesday following concerns from doctors and patients’ groups, acknowledging there was insufficient public confidence in the scheme. The postponement by NHS England was welcomed by critics who had complained too…
2013 Exposed Records Sets the Stage for Massive Identity Theft
From Risk Based Security: We are pleased to release our Data Breach Quick view report that shows 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents. The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous highest year on record (2011). Although overshadowed…
Zevin Asset Management notifies clients after employee who violated company policy inadvertently exposed personal and financial information
Boston-based Zevin Asset Management recently notified some clients of a breach that began in mid-September 2013. According to a letter dated February 13 signed by their President, Benjamin Lovell: In mid-September 2013, contrary to Zevin policies, a Zevin employee used an online services provider to host a document listing Zevin’s usernames and passwords for certain…