Archive for the ‘Data breach’ Category
Friday, February 5th, 2010
Data breaches in hotel industry higher than any other sector in 2009, according to Trustwave report
Which is most worrisome: (A) that hackers hit the hotel industry in 38% of data breaches last year; (B) that it took the hotels an average of five months to notice a data breach; (C) that the hackers often got into the data by using software glitches that had patches available 10 years ago; or, (D) all of the above?
A new report from security firm Trustwave indicates that the hotel industry was targeted for data breaches more than any other last year primarily because they were such an easy target and the takings were so rich. The hackers gained access to potentially millions of credit card account details from hotels that did little to protect the data, and never reported the resulting identity theft risk to officials or customers. (Picture a frisky young pit bull gleefully trotting after a fat, blind, three-legged cat while the cat’s owner sleeps in a hammock nearby.) (more…)
Tags: Data breach, data breaches, Hilton Hotels, Radisson Hotels, Trustwave, Wyndham Hotels
Posted in Data breach | No Comments »
Friday, January 15th, 2010
Health Net data breach prompts attorney general’s “historic lawsuit”
Connecticut Attorney General Richard Blumenthal said last November that he was “outraged and appalled” upon learning of Health Net’s massive data breach and their keeping it hush-hush for six months. He acted on those feelings this week by filing suit against the insurer and its new owners, United Health Group and Oxford Health Plans.
The data breach occurred May 2009 when a hard drive containing the information of 1.5 million customers went missing. Records were for the period 2002 through 2009. Roughly 446,000 of the members are from Connecticut.
Blumenthal’s lawsuit asserts Health Net gave its employees inadequate supervision and training on appropriate maintenance, use and disclosure of protected health information.
The company explained the six-month lag time between their awareness of the breach and their notifying state officials by saying the time was necessary to complete a “detailed forensic review.” Kroll, a computer forensic consulting firm hired to complete the investigation determined the information wasn’t encrypted or protected in any way from access or viewing. (more…)
Tags: Connecticut Attorney General Richard Blumenthal, Data breach, Health Net, HIPAA, ID theft, Identity Theft, Medical Identity Theft, Oxford Health Plan, United Health Group
Posted in Data breach | No Comments »
Wednesday, December 16th, 2009
Apparently, hackers stole even more of Express Scripts’ member information than was initially revealed last fall. An additional 1,771 New Hampshire residents are being sent data breach notification letters this week, according to a September 14 letter from Express Scripts.
Express Scripts, one of the world’s largest pharmacy benefits management companies, revealed in November 2008 that hackers demanded ransom in exchange for stolen customer information. Unless the ransom was paid, the hackers threatened to reveal the members’ information.
To strengthen their threat, the hackers sent personal information–including names, birth dates, Social Security numbers and some prescription details–of 75 of the firm’s 50 million customers. (more…)
Tags: Add new tag, Data breach, Express Scripts
Posted in Data breach | No Comments »
Monday, October 12th, 2009
One of the reasons the risk of ID theft is so high has to do with your employer. You don’t have any idea what happens to your personal information after you provide it to an employer. Unless, that is, you work for the staffing agency CLP. If so, there’s a good chance your personal information was in one of the boxes found in a Dumpster out back of a Florida restaurant last week.
A worker at Newport Café discovered everything necessary to commit identity theft in the boxes full of job applications, copies of Social Security cards, driver’s licenses and tax records. The job applications bore the CLP logo.
The restaurant employee contacted the local police, who, in turn, contacted staffing firm’s regional director in Fort Lauderdale. The CLP regional director, Seth Sandler, made a quick trip up to Palm Beach County and “took care of the situation,” said Corp. Michelle Vazquez of the Palm Springs police.
Until last week, CLP had an office next door to the restaurant, but Newport Café employees said they saw people moving out the office furnishings the day before the documents were discovered. (more…)
Tags: CLP Skilled Trades Solutions, CPL, Data breach, ID theft, Identity Theft, Newport Cafe, Palm Beach County, Palm Springs
Posted in Data breach | No Comments »
Tuesday, October 6th, 2009
American military veterans have been put at risk again. An unencrypted hard drive associated with eVetRec—the system veterans use to access their health records and discharge papers—was sent first for repairs then for recycling without being wiped of 76 million veterans’ records.
The hard drive failed last November and was returned to the contractor that sold it to the National Archives and Records Administration (NARA). When the contractor was unable to fix the drive, the contractor sent it to another company for recycling. (more…)
Tags: Data breach, eVetRecs, Hank Bellomy, hard drive, ID theft, Identity Theft, NARA, National Archives, National Archives and Records Administration
Posted in Data breach | No Comments »
Friday, September 25th, 2009
Could cloud computing lead to more data breaches and Identity theft? The growing trend of document being stored and created on provider’s servers to be accessed from anywhere has become a topic of security discussions for some time now. Could this trend drive up the amount of data breaches we see in the media.
For those of you who don’t know, cloud computing refers to the use of web applications and storage. Creating documents on the web is something that has become popular for some time now. With providers like Google Docs and now the New Windows Live Documents providing enticing way to create and share documents with other people with a simple web browser. It’s great for productivity but is it good for security. (more…)
Tags: ID theft, Identity Theft, identity theft prevention
Posted in Data breach | No Comments »
Tuesday, September 22nd, 2009
Apparently, hackers stole even more of Express Scripts’ member information than was initially revealed last fall. An additional 1,771 New Hampshire residents are being sent data breach notification letters this week, according to a September 14 letter from Express Scripts.
Express Scripts, one of the world’s largest pharmacy benefits management companies, revealed in November 2008 that hackers demanded ransom in exchange for stolen customer information. Unless the ransom was paid, the hackers threatened to reveal the members’ information.
To strengthen their threat, the hackers sent personal information–including names, birth dates, Social Security numbers and some prescription details–of 75 of the firm’s 50 million customers.
Express Scripts publicly refused to pay the ransom, even after some of their customers received similar letters, extortion attempts and sample employee information. Toyota, government agencies and labor unions were among those contacted by the hackers. (more…)
Tags: Data breach, data theft, Express Scripts, extortion, Hackers, hacking, ID theft
Posted in Data breach | 1 Comment »
Thursday, August 6th, 2009
Of course military service has inherent personal safety risks—that’s what makes enlistment so noble. But the risk of identity theft is something 131,000 current and former Army National Guards soldiers will be considering very seriously.
The Army National Guard announced this week that a contractor’s laptop containing the soldiers’ personal information was stolen July 27. The contractor was involved in the Army National Guard Bonus and Incentives Program.
The compromised information included program participants’ names, Social Security numbers, payment amounts and payment dates. (more…)
Tags: Army, Data breach, ID theft victim, LifeLock Reviews, soldiers, stolen laptop, US National Guard
Posted in Data breach | 3 Comments »
Tuesday, August 4th, 2009
Here’s how we’d like to think of it: Prison inmates are the stupid ones and their keepers are the smart ones.
Here’s how it really is: An unnamed New Hampshire prison employee assigned prisoners to work in a warehouse where they had access to Corrections Department records, including a list of ALL department employees and their Social Security numbers.
Big surprise: An inmate in a Concord minimum-security prison absconded with the list, which was discovered in his cell during a routine search.
The employee information included names, titles, positions, departments, labor grades and Social Security numbers of the roughly 1,000 people employed in the Corrections Department as of March 2008. (more…)
Tags: Capt. Jon Fouts, Data breach, Identity Theft, Jeff Lyons, LifeLock promo code, New Hampshire Corrections Department
Posted in Data breach | No Comments »
Monday, July 13th, 2009
If you’re already defaulting on your student loan, you might be praying that the state agency that manages it would somehow just lose the promissory note, thereby letting you off the hook.
Florida students got only half of what they wished for, and a whole lot of something they never wanted. (more…)
Tags: Data breach, DOE, Florida Department of Education, Identity Theft, LifeLock promo code, Office of Student Financial Assistance, OSFA, promissory notes
Posted in Data breach | No Comments »
