John Leyden reports: A recidivist ID theft fraudster who used a people search website to verify the authenticity of stolen social security credentials has been jailed for more than 16 years. Todd Yurgin, 41, of Newark, Delaware, earned the severe sentence because he had twice previously been convicted of federal fraud offences. In sentencing, Chief…
Cn: Bank details on the web
Jia Feishang reports: China’s biggest search engine, Baidu, removed files containing the personal details of thousands of locals from its document-sharing platform yesterday, following public outcry over the breach of privacy. But although those files were deleted, people’s personal information can easily be found on the Internet. Shanghai Daily has discovered similar documents online, including…
Briar Group restaurant chain to pay $110K for data security breach; must comply with PCIDSS
Jenn Abelson reports: The Briar Group LLC, which runs Ned Devine’s, the Green Briar, The Lenox, and other popular restaurants, has agreed to pay $110,000 to resolve allegations that the Boston chain failed to take reasonable steps to protect diners’ personal information and put at risk tens of thousands of credit and debit card information….
OPINION: A breach too far
John Ryan writes: The data protection landscape in Ireland has evolved significantly in recent years. Not so long ago, it seemed an organisation could mislay customer information with impunity. There did not seem to be any major concern on behalf of the culprit organisation to put proper protection measures in place and there did not…
McAfee and SAIC survey: Companies pick and choose which data breaches to report
Ellen Messmer reports: One in 7 information technology companies have not reported data breaches or losses to outside government agencies, authorities or stockholders. In addition, only 3 out of 10 said they report all data breaches and losses suffered related to intellectual property, while 1 in 10 organizations will only report data breaches and losses…
MySQL.com Database Compromised By Blind SQL Injection
Simon writes: An email was sent out earlier today on the Full-Disclosure mailing list, detailing the compromise of numerous MySQL websites along with portions of their database containing usernames and passwords. […] The email sent to Full Disclosure lists out all the databases, tables and even some password hashes for the users at MySQL.com. There…