Bosung Shim, 24, of Rockville, MD, was sentenced today to three months in prison, followed by seven months in community confinement and three years of supervised release, for unauthorized access of a protected computer. In addition, Shim was required to pay $31,653.24 in restitution to the victim and forfeit the computer equipment used in the…
GA: Emory University law students and medical students targeted in ID theft scheme
Schools need to remain cognizant that “directory information,” not protected by FERPA, can be used for ID theft. Maario Coleman and Angela Russell have been arraigned for operating a scheme to obtain thousands of dollars by stealing the identities of Emory University law and medical students and using them to apply for loans. According to…
EZ Yield notifying customers of hack involving online hotel reservation system
EZ Yield, a third party hotel reservation service provider, has started notifying customers that their credit card information may have been compromised by hackers. You can read the notification here (pdf). Update: idRADAR.com has delved into this breach report more. See their comments here.
Tampa woman found guilty in credit-card fraud ring
A Tampa woman was found guilty for her role in an identity theft ring during which conspirators ripped off credit card numbers from unsuspecting customers at International Plaza. Viviana Reyes, 40, was convicted of credit card fraud, bank fraud, conspiracy to commit bank fraud, aggravated identity theft and identity theft, according to the U.S. Department…
Commentary: Shooting the Messenger is Not an Effective Incident Response Strategy (updated)
A PHIprivacy.net commentary. In another post this morning, I described a very worrisome breach involving Lanap & Dental Implants of Pennsylvania. Our awareness of that breach is due to one person’s persistent efforts to shine some light on it. He responsibly contacted the dental practice over a year ago to alert them when he discovered…
Thousands of Pennsylvania dental patients may be at lifetime risk of ID theft after patient database is uploaded to torrent sites
Dave Bohman of WNEP recently reported on a breach involving Lanap & Dental Implants of Pennsylvania. The breach involved someone uploading a copy of the dental group’s practice management software (Dentrix) to a torrent site. The upload didn’t just contain the software, however. It also contained unencrypted patient record databases. As a result, over 11,000 patients – mostly…