December 30, 2013 ‘wichcraft Operating, LLC recently learned that an unauthorized party gained access to our systems, compromising the payment card information of certain customers who made purchases at a ‘wichcraft location in New York or San Francisco using a payment card from approximately August 11, 2013 to October 2, 2013. Based on our investigation,…
Omniquad Surf Wall Remote injects string into the browser user agent that identifies users – claim
Back in October 2010, I noted a breach involving managed security services provider Omniquad. Omniquad acknowledged the breach that involved helpdesk tickets leaking online, but the firm’s managing director, Daniel Sobstel, subsequently claimed that Webroot reseller Infosec Technologies started contacting his customers and passing on misleading information about the size of the data breach. Now…
Actelis Networks reports theft of safes with Human Resources files
Lawyers for Actelis Networks have notified the New Hampshire Attorney General’s Office of the theft of two safes containing some Human Resources files with personal information. In their notification dated December 13, they explain that two safes with password-protected files were stolen on December 7 or 8. The theft was reported to law enforcement. Files…
FL: Barry University notifies patients that records with personal, financial, and medical information may have been compromised
Miami Herald staff report: Barry University announced Monday night it is notifying patients of its Foot and Ankle Institute that their medical records and personal information may have been hacked. The security breach was detected around May 14th via a school laptop infected by a form of malware – software used mainly to gain access…
T-Mobile USA customers to be notified of security breach at supplier’s (update 2)
It looks like T-Mobile USA will be sending out breach notification letters to customers after the New Year. A template of their notification letter, uploaded today to California’s breach site, explains: We are writing to inform you of a recent incident of unauthorized access to a file stored on servers owned and managed by a…
Following hack, RegistratioNation discovers some customer data was inadvertently being stored on its server (updated)
RegistratioNation is a provider of automated online payment processing and database management for event registrations. On December 23, their attorneys notified the New Hampshire Attorney General’s Office of an intrusion that occurred on November 4, 2013. The intrusion was discovered on November 22, and during investigation, the firm discovered that although payment card information was supposed…