The comptroller’s December 2009 audit report can be found here. ACS collects a lot of PII on many children in NYC, including medical information, complaints of child abuse, etc. The most significant audit findings included inadequate password security for the local network and Blackberry devices. With respect to the former, the audit found 15 instances…
AU: ALRC renews data loss financial penalty call
Christina Zhou reports: The Australian Law Reform Commission (ALRC) has renewed its call for fines for failing to notify the privacy commissioner of data breaches after the UK introduced penalties of up to half a million pounds. The ALRC initially made the call in its report: For Your Information: Australian Privacy Law and Practice released…
Louisiana woman pleads guilty to access device fraud and mail fraud
Geralyn Moore, age 32, a resident of Marrero, LA, pled guilty in federal court today before U. S. District Judge Eldon E. Fallon to one count of access device fraud and two counts of wire fraud related to fraudulent purchases made on a Discover Card, which did not belong to her, announced U. S. Attorney…
Online Banking and “Reasonable Security” Under the Law: Breaking New Ground?
David Navetta writes: With the report of another data security-related lawsuit involving online banking (another 2009 lawsuit referenced here involved an alleged loss of over $500,000), and a recent victory for a plaintiff on a summary judgment motion in a similar online banking data security breach case, the question arises whether online banking breaches will…
18,000 pay statements sent to wrong addresses
William H. McMichael reports: Pay statements containing names and sensitive information about the finances of about 18,000 recipients of a special pay for disabled retirees were sent to wrong addressees last week, the Defense Finance and Accounting Service said Jan. 14. The statements, a page of which contained information about annual increases in Concurrent Retirement…
Western Michigan U. exposed student info on web
On December 14, Western Michigan University discovered that some student employees’ names, addresses, department, and Social Security numbers were exposed on a WMU web page “for a brief period of time.” According to a notification sent by ID Experts to the New Hampshire Attorney General’s Office on December 22, the university secured the information immediately…