From the press release: Following the completion of its annual Payment Card Industry Data Security Standard (PCI DSS) assessment, Heartland Payment Systems has successfully validated its compliance with PCI DSS. As such, Heartland is returning to Visa’s List of PCI DSS Validated Service Providers. According to Visa, Heartland will appear on the list – which…
IT director pleads guilty to deleting organ donation records (updated)
Not all data losses are created equal. Grant Gross of IDG News Service reports: The former IT director for a nonprofit organ and tissue donation center pleaded guilty to a charge that she broke into the organization’s computer network and deleted organ donation database records, invoice files, and database and accounting software, the U.S. Department…
Employee snooping at Littleton Regional hospital went undetected
When the Littleton Regional Hospital received a complaint from a patient on March 25, they initiated an investigative audit that revealed that the patient’s information had been improperly accessed by a former employee on three separate occasions going back to October 2008. The breach was then promptly reported (pdf) to the patient on March 27…
Ehud Tenenbaum agrees to be extradicted to U.S.
Kevin Martin of Calgary Sun reports that Ehud Tenenbaum, the hacker known as “The Analyzer” and who came to public attention years ago for hacking into into NASA, the Pentagon, the Israeili Parliament and Hamas, has agreed to waive extradition to face charges in the U.S. relating to credit card fraud and hacks of financial…
FTC Will Grant Three-Month Delay of Enforcement of ‘Red Flags’ Rule Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs
From the FTC’s press release: The Federal Trade Commission will delay enforcement of the new “Red Flags Rule” until August 1, 2009, to give creditors and financial institutions more time to develop and implement written identity theft prevention programs. For entities that have a low risk of identity theft, such as businesses that know their…
Rush introduces breach notification bill in House
Yesterday in Congress, Rep. Bobby Rush (D-IL) introduced H.R. 2221, co-sponsored by Reps. Stearns (R-FL), Barton (R-TX), Schakowsky (D-IL), and Radanovich (R-CA). The text of the bill is not yet available online, but it was introduced as “A bill to protect consumers by requiring reasonable security policies and procedures to protect computerized data containing personal…