Bloomberg Names Compliance Chief After Client Data Breach

 Breach Incidents, Other  No Responses »
May 132013
 

Catherine Dunn reports:

Bloomberg LP is looking to repair the ongoing fallout over a controversial breach of client data, and the financial information company is adding a new compliance officer to help.

Bloomberg executive Steve Ross will now lead the company’s client data compliance office as Bloomberg continues to field questions over the division between its newsgathering operation and its core business—the $20,000-per-year data terminals employed by bankers to monitor market conditions.

Last week, after Bloomberg received a complaint from Goldman Sachs, the New York Post revealed that Bloomberg News reporters were able to view certain uses of the terminals by clients, including log-on data. The Federal Reserve and the European Central Bank, also Bloomberg clients, reportedly contacted the company for more information on the issue.

Read more on Law.com

Shocking! Maharashtra admits it lost Aadhaar data of three lakh people

 Government Sector, Non-U.S., Other  Comments Off
Apr 232013
 

Data loss, but no seemingly big risk of data misuse:

Maharashtra government has lost data of about three lakh people collected under the controversial Aadhaar scheme, mostly from Mumbai who enrolled into the number scheme.

According to a report in the Times of India, the data containing permanent account number (PAN) and biometric information was lost while being uploaded from Mumbai to Unique Identification Authority of India (UIDAI) server in Bengaluru. “While the transmission was in progress, the hard disk containing data crashed. When the data was downloaded in Bangalore, it could not be decrypted,” the newspaper report said quoting an official from Maharashtra information technology (IT) department, which is overseeing the enrolment of citizens.

Read more on MoneyLife.

Three lakh is 300,000 people. And if you’re wondering as to whether there was a backup, the Times of India reports that those whose data were lost will have to re-register for their Aadhaar ID – a time-consuming a frustrating process.  Was there no backup of the drive??

St. Scholastica hack sheds light on Macalester IT security

 Breach Incidents, Education Sector, ID Theft, Other, U.S.  Comments Off
Oct 192012
 

Emma WestRasmus reports:

“What was the name of your first pet? What’s your favorite color? What’s your mother’s maiden name?”

We all know the drill. Whenever we start a new account we are prompted for answers to challenge questions that will surely be easy to remember. But for more than two dozen students at the College of St. Scholastica in Duluth the answers to questions needed to reset their student account passwords might have been just a little too easy to figure out. Earlier this month 28 students’ email accounts at St. Scholastica were hacked when hackers were able to answer the student’s challenge questions on their Self-Service Password Reset service simply through information obtained through the students’ social media pages.

Read more on The Mac Weekly. Once the hackers were able to access the e-mail accounts, they reportedly used information found in the accounts for fraudulent purposes.

Dozens of Atlanta police socially engineered into giving ID thieves their personal info

 Breach Incidents, Government Sector, ID Theft, Other, U.S.  Comments Off
Aug 132012
 

At least 39 members or employees of Atlanta law enforcement fell prey to two women who posed as representatives of AFLAC and requested their personal information under the ruse of the city changing its insurance options.

Read more about it on 11Alive, the Florida-Times Union, and Creative Loafing.

 

Maplesoft Affected by Security Breach

 Breach Incidents, Business Sector, Malware, Non-U.S., Other, U.S.  Comments Off
Jul 192012
 

Seen on Maplesoft’s web site:

Maplesoft is investigating a security breach of its administrative database that took place on July 17th, 2012. As a result of the breach, the perpetrators gained access to some email subscription data, including email addresses, first and last names, and company and institution names. Any financial information held by Maplesoft remains secure, and has not been affected by this security breach.

The perpetrators appear to be using email addresses they have taken from the database to spread viruses or malware. The perpetrators are posing as Maplesoft in an attempt to have individuals they email click on a link or download a malicious piece of software.  Recipients should not respond to these emails and they should not open any attachments or click on any download links. These emails should be deleted immediately. Maplesoft discovered the security breach after some of Maplesoft’s customers received what appeared to be a spam email.  Notification of the spam email was then immediately posted on the Maplesoft website. Upon investigation by Maplesoft’s IT staff, the security breach was discovered and Maplesoft took immediate corrective actions to stop the breach and prevent further unauthorized access to Maplesoft’s databases.   All of the individuals affected by the security breach have been alerted by Maplesoft directly.

[...]

An update to the alert reads:

We have determined that the attachment in the spam email was a virus.

Depending on the antivirus client used it will be identified by one of these names: Zbot, ZeroHour, or Zeus.

 Older Entries