ICG America, which operates a family of retail and e-commerce companies that includes Amazing Clubs, Flying Noodle, MonsterBrew, Games2U, TexasIrons, and California Reds, has joined the ranks of those disclosing hacks involving customer data. In August, ICG America was alerted by a credit card company that their payment processing system appeared to have been attacked….
International Data Breach Laws Are All Over The Map
Ben DiPietro reports: Laws on sharing and disclosure of data and personal information differ widely among countries, greatly complicating the compliance challenges of companies operating internationally. Read more on Wall Street Journal. As DiPietro reports, different laws also differentially impact – and may impede – forensic analysis of breaches.
Data Broker Giants Hacked by ID Theft Service
Brian Krebs has a must-read investigative piece about how ssndob.ms – an underground marketplace selling oodles of usable personal information (some of which we saw earlier this year on exposed.su) – gained access to major U.S. consumer and business data aggregators to obtain some of the data they were selling. LexisNexis, Dun & Bradstreet, Kroll…
Was employee terminated for whistleblowing or privacy breach?
A nurse practitioner claimed she was wrongfully terminated after lodging an internal whistleblower complaint. However, her former employer said she violated privacy policies. hr.blr.com has a write-up of Worley v. Providence Physician Services, Co., Court of Appeals of the State of Washington, Division Three, No. 30950-9-III (7/23/13).
The New Teacher Project notifies employees after laptop stolen from office
A laptop with unencrypted names, dates of birth, Social Security numbers, and employee ID numbers of current and former employees was stolen from the Brooklyn, New York office of The New Teacher Project the weekend of July 27-28. Notifications to those affected with offers of free credit monitoring are going out about now. Of note,…
FL: Holy Cross Hospital patient records breached, possibly for tax refund fraud scheme
Brian Bandell reports: Holy Cross Hospital notified 9,900 of its patients that their personal information might have been breached by an employee who may have intended to commit tax fraud. Patient names, dates of birth, addresses and social security numbers were inappropriately accessed by an employee who has since been terminated, the nonprofit hospital said. This…