In maintaining my blogs, I have tried to balance the privacy of individuals with the importance of their stories. Thus, over on Chronicles, I ranted about the invasion of Britney Spear‘s privacy while trying to avoid contributing to it, and on this blog, I have reported on UCLA employees snooping on celebrities’ files without going…
Breach handling done right: Johns Hopkins Hospital
In 2007, when Johns Hopkins learned that backup tapes had been lost in transit, I complimented them for their handling of the incident. They’ve managed to impress me yet again — which is no small feat — by their handling of a recent incident…. In February, this site posted a story about a breach that…
Branch Banking & Trust employee arrested for selling client information
On January 14, law enforcement officials investigating another matter discovered client information from Branch Banking & Trust Co. (BB&T) in the possession of unauthorized individuals. Once alerted to the breach, BB&T conducted an internal investigation and discovered that a former employee who had legitimate access to client accounts had abused the access and had sold…
A few more breaches that didn’t make the news
Thanks to those states who post notifications online…. TravelCLICK, Inc. reported (pdf) that customers who used their web site to book hotel reservations may have had their data accessed by unauthorized others during the period February to March of this year. Reservation data included names, full credit card numbers, expiration date, but no CVV or…
FTC enforcement of data protection
Since 2001, the FTC has filed charges against 25 businesses for failure to protect consumers’ information. The cases were cited in their May 5th testimony and comments (pdf) in Congress about two bills being considered: H.R. 2221, the Data Accountability and Protection Act, and H.R. 1319, the Informed P2P User Act. The cases fall into…
Pointer: Heartland CEO Vows To Fight MasterCard Breach Fines Of $6 Million-Plus
Fred J. Aun of StorefrontBacktalk writes: Heartland Payment Systems has apparently decided that being a data breach victim doesn’t mean that it has to be victimized by the card brands. At least that’s the impression from how Heartland CEO Robert Carr is reacting to more than $6 million in fines imposed on it by MasterCard,…