Apparently, natural foods stores are ready to compete with the big grocery chains. No, not on price–Natural Grocers, a small chain of about 93 stores in 15 states that’s based in Colorado has decided to compete with the big chains by possibly having a payment data breach of its very own. This is not the kind of corporate milestone that a growing chain would celebrate. [More]
Anthem Says Data From As Far Back As 2004 Exposed During Hack, Offering Free Identity Theft Protection
A week after health insurer Anthem announced that it was the latest victim of a security breach, the company revealed that hackers had access to tens of millions of customers’ data going back as far as 2004. [More]
Any data breach is bad, but the more personal they are — and the more widespread — the worse. And by both metrics, the hack just announced by major health insurer Anthem is particularly terrible. [More]
There’s no ifs ands or buts about it — the fallout from the recent massive data breach at Home Depot is far from over. The company wrote in a filing today that it’s got the specter of state and federal investigations looming over it as well as at least 44 civil lawsuits in the U.S. and Canada. [More]
AT&T has issued an apology letter and says it’s fired an employee who tapped into customer information this year, writing to those affected and explaining that the worker accessed accounts in August 2014. While doing so, that person might have viewed and obtained account information including social security numbers and driver’s license numbers. [More]
Months after it was first reported that payment systems at sandwich chain Jimmy John’s may have been compromised, the company is finally confirming that 216 of its stores were indeed hacked, putting customers’ credit and debit card data at risk. [More]
Did you shop at Home Depot recently? Then you will probably want to keep an eye on your bank and/or credit card account. The retailer has confirmed it is investigating the possibility of a data breach that may have resulted in customers’ information being stolen. [More]
A new Senate staff report from the Commerce, Science and Transportation Committee released last night charges Target with missing multiple warning signs before hackers stole the personal information of up to 110 million customers late last year. [More]
Target Data Breach Manages To Keep Getting Worse; Now It’s 70 Million Customers’ Data Stolen [UPDATE]
Penn Station is a chain of 238 sandwich shops around the country. It’s also the latest business to have its customers’ credit card info stolen. [More]
An employee of Starbucks has filed a class action lawsuit against the company for failing to properly secure employee data. The employee was one of one of 97,000 notified late last year after a Starbucks laptop containing employee names, addresses and Social Security numbers was stolen. [NetworkWorld via Starbucks Gossip]
The Washington Post has reported that Heartland Payment Systems, a payment processor that services “more than 250,000 businesses,” has had more than 100 million transactions compromised via malicious software that was installed on its network; it will likely turn out to be the largest data breach ever reported. The “good” news is that the criminals were only capturing credit card numbers, the names on the cards, and expiration dates—the info encoded onto the magnetic strip on the card. Because no addresses, SSNs or PINs were stolen, the prospect of full-blown identity theft is pretty small—which must explain why Heartland isn’t offering any sort of credit monitoring package as compensation. Instead, their CFO says, “We recognize and feel badly about the inconvenience this is going to cause consumers.”
We’d hoped that Activision’s blunder would be the last one, but it turns out the HR department at Aflac can’t find the BCC field either. Reader Corey writes in to let us know he just received an email addressed to him and 623 other people who were interested in jobs with the insurance company. Our guess is some of the recipients won’t be so interested in a career with a company that doesn’t care about the privacy of its employees. After the jump, a quick guide to obscuring other recipients’ email addresses so this doesn’t happen again.
The FBI has announced that a former Countrywide employee and his accomplice were arrested on charges related to “illegal access of computers containing personal information,” and “illegal sale of the data.” A criminal complaint filed last Friday alleges that one of the men, Rene L. Rebollo Jr., a senior financial analyst for Countrywide Home Loan’s subprime mortgage division (who was let go in July), had been harvesting data from Countrywide’s computers for the past two years — downloading and storing the information on personal flash drives.