By now, there have been thousands of news stories on the security breach at Epsilon, a Dallas-based email marketing service provider. Many of the headlines have incorporated the names of some of the firm’s biggest clients like Chase, Target, or Kroger. Many of the headlines have seemingly tried to frighten consumers into reading the story…
UK: Council printer mix up breached data protection laws
Probably everyone has accidentally left some papers in a shared printer at one time or another. But when papers containing sensitive personal data get scooped and included in a mailing to an uninvolved their party, you may wind up violating the Data Protection Act. According to the Information Commissioner’s Office, that’s pretty much what happened…
Applied Micro Circuits math: Laptop with unencrypted SSN + car = Breach notifications
Applied Micro Circuits Corporation recently notified some of its current and former employees that a laptop with their names and Social Security Numbers was stolen from an employee’s car. In a letter to those affected dated March 23, the technology firm indicated that the theft occurred on February 23. In one of the oddest things…
Breach of S&D Coffee web site results in notifications to customers
S&D Coffee recently notified the New Hampshire Attorney General’s Office that a security breach involving its online e-commerce site resulted in the compromise of customers’ names, addresses, email addresses, and credit card numbers. The site is hosted by E-Dreamz, who discovered the breach on February 7 and notified S&D Coffee. The coffee retailed indicated that it…
MN: From the grave, Ulysses Telemedia lets secrets slip
I can’t access the entire article, but found this article by Jim Hammerand today while reading something else he wrote: The bidder was just interested in the file cabinets. But for $10, he got something much more valuable: dozens of boxes of corporate records, chock full of sensitive employee data, customer information and internal documents….
UK: Cornwall health trust disclosed third-party personal data
Royal Cornwall Hospitals NHS Trust has acknowledged that breached the Data Protection Act on two occasions and has signed an undertaking with the Information Commissioner’s Office. According to a press release issued by the ICO today: The first breach happened in July 2010 when an individual received a response to a subject access request for information…