As a follow-up on a breach previously reported here, Texas Attorney General Greg Abbott announced that the state has reached an agreement with Cornerstone Fitness, L.L.C. that requires the fitness center to better protect its customers’ personal information. In February, the Attorney General charged Cornerstone with violating a Texas law that governs the disposal of…
Bits ‘n Pieces
Alpha Daye Bah was arrested last week on charges that he stole at least 20 customers’ data from an unnamed restaurant and passed it to co-conspirators. More. Jason Reed and Derek Edwards were arrested for conspiracy to commit identity theft. Following a — wait for it — traffic stop, the officers found stolen credit cards…
Child DNA donors should have their say
Biobanks should revamp how they handle DNA from healthy children, says an international team of bioethics experts. Children whose parents have signed them up for long-term studies should not have their genetic data distributed or made public until the donors consent at an older age, says the team, which publishes its recommendations today in Science….
Nashville woman indicted in a $1.1 million healthcare fraud scheme
The former owner of Nashville-based Medicare and TennCare provider Merrilee Healthcare, was arrested Thursday, following a federal grand jury’s indictment alleging she participated in a $1.1 million healthcare fraud scheme, law officials said. Candyce Jones, 34, allegedly sent $1.1 million in fraudulent claims on behalf of her customers to Medicare and TennCare for psychotherapy and…
Amex cardholders’ data stolen by employee
A lot of sites are posting a news story with almost no details involving American Express. From what I read elsewhere about the notification, this is likely the incident that was reported here last month.
An open letter to Heartland CEO Robert Carr
Rich Mogull of Securosis joins Mike Rothman in taking Heartland Payment Systems CEO Bob Carr to task for his comments that seemed to shift responsibility for the breach to the assessors who told them they were PCI-compliant: […] PCI compliance means you are compliant at a point in time, not secure for an indefinite future….