From their press release of today: MINNEAPOLIS — January 10, 2014 Target today announced updates on its continuing investigation into the recent data breach and its expected fourth quarter financial performance. As part of Target’s ongoing forensic investigation, it has been determined that certain guest information — separate from the payment card data previously disclosed —…
GA: Phoebe Putney Hospital notifies 6,777 patients about stolen computer
WALB reports: Phoebe Putney Hospital is notifying thousands of patients that their medical information has been compromised by the disappearance of a hospital computer. Phoebe confirmed to WALB News 10 that on November 6, 2013, the hospital learned that a password protected unencrypted desktop computer disappeared from one of its clinics the day before. Read more…
And yet another Experian breach…
This time, the client whose credentials were compromised to gain access to Experian’s credit report database was Lafarge West in Albuquerque, New Mexico. The breach occurred between December 19 and 20, and was reported to those affected on January 7.
Thumb drive with personal information of Milwaukee employees recovered
There’s an important update in the Dynacare breach that affected City of Milwaukee employees. Fox6 reports that a 17-year-old male has been arrested for his role in the theft of the thumb drive, laptop, and computer bag that were stolen from the employee’s car on October 22. According to Fox6 and other media reports, the…
Edgepark Medical Supplies notifies patients after malware may have compromised their personal information
Edgepark Medical Supplies in Ohio (RGH Enterprises) is notifying some patients that their personal information, including full credit card number in approximately 126 cases, may have been acquired in March 2013 due to a malware infection that evaded detection by their anti-virus software until December 2013. Upon discovery, the malware was removed and patients’ passwords…
David Nosal sentenced; case narrowed the definition of “exceeding authorized access” under CFAA (update1)
I’ve been following the David Nosal case on this blog since April 2011, when the Ninth Circuit held that an employee who violates his employer’s computer use policy is guilty of “exceeding authorized access” to the employer’s computer under the federal anti-hacking statute, CFAA. In June 2011, Nosal filed a petition for rehearing en banc (see…