Ina Steiner writes: In an email sent to shoppers this week, “Fresh Offerings from Your Favorite Shops,” Etsy mistakenly included the names of sellers taken from their credit card information on file. No other credit card information was included in the email. It’s not clear how it happened since all credit card information should be…
When, oh when, will people stop leaving unencrypted laptops in their cars?
OptiNose US Inc. has been notifying some of its consultants that their names and Social Security numbers were on a laptop stolen from an employee’s car. The laptop was stolen on March 26 in a Philadelphia suburb, and OptiNose started sending out notification letters on April 16. The letter did not inform recipients that the…
Child and Family Services of New Hampshire notifies 23 clients after files stolen from office
Child and Family Services of New Hampshire, a non-profit agency, recently notified 23 residents of New Hampshire after their client files were stolen from a secure area in the agency’s main office in Manchester. The files were stolen sometime between March 15 and March 18, and the theft was detected on March 19. Unfortunately, neither…
Updates to HHS's breach tool includes yet another Florida hospital whose patient data were stolen
An update to HHS’s breach tool this week adds 16 more incidents to their counter, although two of the entries appear to be for the same incident. Significantly, the list includes yet another Florida hospital report of theft of patient data, presumably for tax refund fraud or other fraud. In this case, though, it was not…
Eastern Health Authority Discloses Two Breaches Involving Briefcases Stolen from Employees' Cars
Eastern Health advised today that it has experienced an accidental breach of privacy of 63 of its clients. The accidental breach occurred when the briefcase of an employee was stolen from a vehicle while left unattended for approximately 10 minutes on the evening of April 17, 2013. The briefcase contained one client chart and a…
‘Hacker’ convicted by US court despite never hacking
Matt Brian has an interesting take on the conviction of David Nosal, which I reported yesterday on this blog: After more than a year of bouncing between appeals courts, the hacking case involving David Nosal has ended with a conviction. Wired reports that Nosal was yesterday found guilty of conspiracy, stealing trade secrets, and violating the Computer Fraud and Abuse…