Still no real facts, but more hints of impact. This from the Community Bankers Association of Illinois (emphasis added by me): (February 11,2009) Today, VISA announced that an unnamed processor recently reported that it had discovered a data breach. The processor’s name has been withheld pending completion of the forensic investigation. According to VISA officials,…
UK: Customers’ personal data sent to stranger
Ian Robson reports: A finance company has admitted sending confidential information about customers, including their bank account numbers, to a stranger. Fiat Financial Services had sent a credit agreement to motorist Darren Wright after he bought a car. But they also posted the private details of five other customers who had applied for a loan….
More details on the second processor breach (corrected and updated)
My googling skills are paying off. Found this on TVACU.com: (not CardNet as originally cited; the CardNet notice is provided below the TVACU.com notice) On the heels of the Heartland Payment Systems breach, another U.S. acquirer-processor has confirmed a network intrusion exposing primary card numbers and card expiration dates for card-not-present (CNP) transactions. Unlike the…
NY: Misrouted medical faxes bedevil family
Marcele Rojas reports: Southeast resident Cathy Meyer reached her breaking point when she received a fax with a list of patients in Putnam Hospital Center’s psychiatric ward. The fax was from another department within the hospital, she said, seeking the patients’ medical charts. […] For more than a year, Meyer has received dozens of faxes…
More recent breaches we didn’t know about
Thanks to the New Hampshire Attorney General’s Office for posting breach notices online: Student Loan Xpress, Inc. reported (pdf) that the service provider for their student loans, American Education Services, inadvertently transmitted personal information on student loans to another lender that AES also has contracts with. The information may have included names, addresses, Social Security…
StayFriends members’ personal info exposed by SQL injection
The same individual, “unu,” who has been exposing other web sites vulnerable to SQL injection, has issued some screen shots showing how the German site, StayFriends, left its over 7 million users’ personal information vulnerable to exposure or access. According to the account of the hack, the exposure involved names, email addresses, passwords, some credit…