Brian Krebs has a must-read investigative piece about how ssndob.ms – an underground marketplace selling oodles of usable personal information (some of which we saw earlier this year on exposed.su) – gained access to major U.S. consumer and business data aggregators to obtain some of the data they were selling. LexisNexis, Dun & Bradstreet, Kroll…
Was employee terminated for whistleblowing or privacy breach?
A nurse practitioner claimed she was wrongfully terminated after lodging an internal whistleblower complaint. However, her former employer said she violated privacy policies. hr.blr.com has a write-up of Worley v. Providence Physician Services, Co., Court of Appeals of the State of Washington, Division Three, No. 30950-9-III (7/23/13).
The New Teacher Project notifies employees after laptop stolen from office
A laptop with unencrypted names, dates of birth, Social Security numbers, and employee ID numbers of current and former employees was stolen from the Brooklyn, New York office of The New Teacher Project the weekend of July 27-28. Notifications to those affected with offers of free credit monitoring are going out about now. Of note,…
FL: Holy Cross Hospital patient records breached, possibly for tax refund fraud scheme
Brian Bandell reports: Holy Cross Hospital notified 9,900 of its patients that their personal information might have been breached by an employee who may have intended to commit tax fraud. Patient names, dates of birth, addresses and social security numbers were inappropriately accessed by an employee who has since been terminated, the nonprofit hospital said. This…
Unique Vintage notifies customers of long-running hack
We are writing to you because of an incident at Unique Vintage. On September 14, 2013 we discovered a data security incident that involved some of your personal information. Unique Vintage is Payment Card Industry Security Standards Council (“PCI”) compliant and implements the latest measures reasonably possible to protect its customers’ sensitive information. However, the very sophisticated data breach…
Computer server containing Virginia Tech job application info illegally accessed (updated)
Virginia Tech has learned that a computer server in the Department of Human Resources was illegally accessed on August 28, 2013. A VT spokesperson informs DataBreaches.net that the illegal access was from outside the school an IP address in Italy. The server contained information about 144,963 individuals who used the institution’s online employment application process…