We might one to cross-file this one under “dumb criminals,” because the fraudster was caught, in part, because she uploaded a picture of her ticket to a Oklahoma City Thunder game – and the visible serial number on the ticket was linked to a patient’s credit card she had misusing. Phil White reports Paul Vick is a…
Update on the Clark & Anderson, P.A. breach
On September 23, I reported on an unencrypted backup drive stolen from an accounting firm employee’s vehicle: A Maryland accounting firm had to notify 2,906 Maryland residents after an unencrypted backup drive was stolen from an employee’s car at his home. The theft occurred on August 4, but Clark & Anderson, P.A. didn’t learn of it…
Washington University in St. Louis notifies business partners after laptop with unencrypted PII stolen
Through its lawyers, Washington University in St. Louis notified the Maryland Attorney General’s Office of a breach that occurred on September 12: On September 13, 2013, our client, Washington University, learned that an unencrypted laptop computer issued to a Washington University employee had been stolen from the Washington, DC office of the Danforth Center for Religion and…
Cruises Inc. notifies customers after booking system accessed by compromised login credentials
Back in August, I reported: Smartphone Experts discovered that the system used for customer payments for online shopping had been hacked. Although stored customer data were encrypted, Diana Kingree, the Senior Vice President of Commerce, noted that the hacker may have been able to use a decryption feature of the system to view customers’ names, addresses, credit or…
Travelocity notifies customers after service providers’ employees misuse customer data
On November 22, Travelocity notified the Maryland Attorney General’s Office of a breach they first learned about on February 21. According to their letter, on that date they discovered that “over the previous several months, several employees of a Travelocity service provider had misused certain information to which they had access as part of performing…
UK: Men who obtained personal data from West Ham officials during Olympic Stadium bid fined thousands of pounds
CBallinger reports: A Crawley man who illegally obtained personal information from West Ham officials during the bidding process for the Olympic Stadium has been fined thousands of pounds. Richard Forrest, from Furzefield, in West Green, was fined £10,000 at Southwark Crown Court today (December 20). Forrest, a 31-year-old who is unemployed, pleaded guilty to obtaining…