Back in August, I reported: Smartphone Experts discovered that the system used for customer payments for online shopping had been hacked. Although stored customer data were encrypted, Diana Kingree, the Senior Vice President of Commerce, noted that the hacker may have been able to use a decryption feature of the system to view customers’ names, addresses, credit or…
Travelocity notifies customers after service providers’ employees misuse customer data
On November 22, Travelocity notified the Maryland Attorney General’s Office of a breach they first learned about on February 21. According to their letter, on that date they discovered that “over the previous several months, several employees of a Travelocity service provider had misused certain information to which they had access as part of performing…
UK: Men who obtained personal data from West Ham officials during Olympic Stadium bid fined thousands of pounds
CBallinger reports: A Crawley man who illegally obtained personal information from West Ham officials during the bidding process for the Olympic Stadium has been fined thousands of pounds. Richard Forrest, from Furzefield, in West Green, was fined £10,000 at Southwark Crown Court today (December 20). Forrest, a 31-year-old who is unemployed, pleaded guilty to obtaining…
MD: Walgreens employee prosecuted for misusing customers' credit card numbers
It seems that Walgreens had an insider breach at their Harford Rd., Baltimore store. On November 27, they reported to the the Maryland Attorney General’s office that a pharmacy employee had been accessing misusing customers’ credit card numbers. Eight Maryland residents were affected. Walgreens learned of the breach on November 4, terminated the employee, and…
Details emerge on Hospital for Special Surgery breach
On November 15, I reported on some updates to HHS’s breach tool. One of the entries I wrote was: The Hospital for Special Surgery in New York reported that 537 patients had PHI stolen on March 19, although it’s not clear from HHS’s log whether the data were stolen from a computer or if the computer itself…
Affinity Gaming announces breach affecting all 11 casinos; fraudulent charges reported
It’s just hitting the media today that Affinity Gaming was hit by a cyberattack earlier this year that affected customers at its 11 casinos. They were alerted to the breach by the FBI in October, and the critical period for data compromise is March 14 – October 16. Here is the relevant parts of their announcement…