Morgan Stanley Smith Barney says it has lost two CD-ROMs containing password-protected but not-encrypted data from investment clients. A spokesman for the brokerage says there’s no evidence that there was criminal intent in the breach, or that the information has been misused. [More]
According to the Identity Theft Resource Center, there have already been 216 credit card data breaches in 2011, including the Citi hack that resulted in $2.7 million of stolen funds. And while the number of breaches is down from 333 during the same period of time from last year, the security of our credit card information is still a big concern. [More]
These are not the best of times to be a gamer who leaves personal information on websites. In addition to the Sony troubles of the past couple months, British game publisher Codemasters has been hacked, leaving emails, addresses and passwords exposed. [More]
Sony’s troubles with hackers continue. Now that the company has recovered from the PlayStation Network outage and lengthy rebuilding process, hackers claim to have stolen and posted email addresses and passwords from 50,000 Sony customers on the Sony Pictures and Sony BMG sites. [More]
On May 21, hackers breached the defenses of aerospace/defense/security mega-contractor Lockheed Martin, causing cyber detectives to converge at the company’s Washington, D.C.-area headquarters. The experts have yet to track down the origins of the attack, but insist they didn’t make off with any sensitive information. [More]
Sony got hacked. Again. In three different countries. The music giant confirmed that it had to shut down its Sony Ericsson Mobile Communications shopping site in Canada after thieves broke in and stole personal information of about 2,000 customers. [More]
Senate Commerce Committee Chairman Jay Rockefeller has come up with a new tactic to push companies like Sony to disclose hack attacks and data security breaches more promptly: He’s asked the Securities and Exchange Commission to require companies to treat attacks as time-sensitive information that must be provided to investors. [More]
If you’ve shopped at a Michaels big-box craft store recently and used a credit or debit card, keep an eye on your statements, especially if you shopped in the greater Chicago area. The chain notified customers on its e-mail list earlier today about a possible PIN pad breach in Chicago that may apply to other stores as well. [More]
Everything’s bigger in Texas. Even data breaches. As many as 3.5 million residents of the state found their personal data has been set free in a gaffe by the state government. [More]
A Massachusetts restaurant chain agreed to pay a $110,000 fine to settle a complaint that alleged hackers nabbed customers’ credit card and debit card info in 2009. [More]
Albert Gonzalez, the mastermind behind most of the multi-million dollar credit card breaches in the past few years, is being sentenced this week. (Feds are asking for 25 years.) Now his former accomplice, Stephen Watt, has told Wired that while Gonzalez was busy stealing and selling credit card data he was also being paid under the table by the U.S. Secret Service to inform on others, earning as much as $75,000 in cash annually. [More]
CBS 5 exposed a “gaping hole” in the code of California’s state-run employment website that allows anyone who views the site to access and modify other users’ resumes and personal info simply by changing some numbers in the URL.
The Better Business Bureau has released a warning to be aware of scammers calling to threaten people with arrest “within the hour” for defaulting on payday loans. What makes them stand out from normal debt collecting scammers is these callers have huge amounts of personal info on their victims, including Social Security and drivers license numbers; old bank account numbers; names of employers, relatives, and friends; and home addresses.
Visa has removed Heartland Payment Systems and RBS WorldPay, the two huge payment processors that suffered recent data breaches, from its list of companies that are in compliance with Payment Card Industry (PCI) rules. It says they can get back on the list when they recertify that they have proper security in place. While this may sound like a significant change in the status of the companies, in reality it does little to change how the three companies do business with each other or with merchants. It’s just a way for Visa to protect itself from any upcoming lawsuits by banks and credit unions against the payment processors.