Robert McMillan reports the latest development in a case previously mentioned on this blog: A 26-year-old Belarusian man has admitted to running an identity theft website designed to thwart the antifraud measures used by many banks. Until he was arrested in April 2010, Dmitry Naskovetz had been the mastermind behind CallService.biz, a website that helped…
(update) Ark. man accused of stealing 100,000 iPad e-mail addresses remains jailed after move to NJ
David Porter of the Associated Press reports: One of two men charged with stealing more than 100,000 e-mail addresses of Apple iPad users remained jailed Wednesday after making his first court appearance in New Jersey. Andrew Auernheimer, wearing handcuffs and a prison jumpsuit, chatted and joked with court personnel before the brief hearing in front…
CA: Chapman University students’ personal information leaked
Shan Li reports: A document containing sensitive information on 13,000 students of Chapman University and its affiliate, Brandman University, was accidentally accessible to students last week, the university said. The electronic document — which contained the Social Security numbers, student identification numbers and financial aid information of approximately 11,000 current and former Chapman students, 1,900…
UK: Council breached Data Protection Act by losing flash drive with unencrypted information
Cambridgeshire County Council breached the Data Protection Act by losing a memory stick containing sensitive data relating to vulnerable adults, the Information Commissioner’s Office (ICO) said today. The ICO was informed by the council in November 2010 that an employee had recently lost an unencrypted memory stick containing personal data relating to a minimum of…
UK: Met called after hackers send obscene emails from university database
Josh Halliday reports: The Metropolitan police has been called in after computer hackers gained access to a London university medical database, sending a string of expletive-laden emails to hundreds of its users. Unidentified hackers sent emails last week pretending that members of the university’s executive board were involved in a “recent child pornography sting” and…
Business Associates May be Liable for HIPAA Compliance
Dom Nicastro writes: The Department of Health and Human Services’ Office for Civil Rights intends to strengthen HIPAA compliance requirements under the HITECH Act. The proposed changes would make BAs directly liable for HIPAA breaches, and subcontractors of BAs would also have to be compliant with HITECH and HIPAA. And that means they would have…