Apr 202018

From their press release:

SunTrust Banks, Inc. (NYSE: STI) is now offering Identity Protection for all current and new consumer clients at no cost on an ongoing basis. Experian IDnotify™ will be provided to those who sign up for the service.

SunTrust cares deeply about the privacy and security of client information. The company became aware of potential theft by a former employee of information from some of its contact lists. Although the investigation is ongoing, SunTrust is proactively notifying approximately 1.5 million clients that certain information, such as name, address, phone number and certain account balances may have been exposed. The contact lists did not include personally identifying information, such as social security number, account number, PIN, User ID, password, or driver’s license information. SunTrust is also working with outside experts and coordinating with law enforcement.



Read the full press release here.

Apr 202018

Caley Ramsay reports:

Upwards of 700 former participants, volunteers and youth leaders of Camp fYrefly may have had their personal information compromised, according to the University of Alberta.

An internal investigation found a former employee with the for Sexual Minority Studies and Services (iSMSS) Camp fYrefly downloaded and shared personal information about some camp participants, volunteers, youth leaders and facilitators in violation of university policy, the U of A said in a media release on Thursday.

Read more on Global News.
Apr 192018

Fox47 reports:

An attack on Ingham Intermediate School District’s online network and the person police say is responsible was one of its own students. The incident happened in February 2017.

On Wednesday FOX 47’s Alani Letang learned more on that student, who now faces criminal charges after shutting down the district’s internet servers.

Police say 19-year old Brandon Barlett targeted the district in a ransomware attack. That attack didn’t put students or staff in danger but did affect the day to day operations of the school district.

“A couple hours in the morning a couple in the afternoon over a period of ten days is between 30-40 hours that the internet was down. The impact of teaching and learning of students and the productivity of our school employees,” said Scott Koenigsknecht- Ingham Intermediate School District Superintendent

Read more on Fox47.

Apr 182018

Sarah Mills reports:

The Saskatchewan NDP has concluded its privacy breach investigation into one of its own members.

Rylee Schumacher admitted to using the voter list to look up the police officer investigating her rape allegation.

In a written statement the NDP confirmed the investigation had wrapped up saying it takes the protection of personal privacy “incredibly seriously.”

Read more on CJME.

Apr 182018

WSOC reports:

Patients’ Social Security numbers, dates of birth and names were all handed over to fraud suspects by a Carolina Digestive Health Associates employee.

In their search warrant, police said she admitted to sharing around 100 people’s personal information to fraud suspects.

She also agreed to let detectives check her phone, and the warrant said they saw several pictures of personal information including names, dates of birth and Social Security numbers of patients.

Read more on WSOC.

Carolina Digestive Health Associates issued the following statement:

CHARLOTTE, NC—April 17, 2018—Carolina Digestive Health Associates (“CDHA”) has become aware of a data security incident that may have involved the personal information of some of its patients. CDHA will be sending notification letters to the potentially involved patients to notify them of this incident and to provide resources to assist them.

On January 10, 2018, CDHA was contacted by the Charlotte-Mecklenburg Police Department and told the police had discovered that a CDHA employee had stolen personal information belonging to some patients. The involved employee has been terminated and CDHA is continuing to cooperate with the police investigation. In addition, CDHA has conducted its own investigation to identify any other patient records the employee may have accessed and what information was contained in those records.

Law enforcement asked CDHA to delay notification to affected patients while they investigated the situation and the employee involved. Notification letters will be sent to all affected patients via U.S. mail and will include information about the incident and steps potentially affected patients can take to monitor and protect their personal information. CDHA has established a toll-free call center to answer questions about the incident and to address related concerns. The call center we be available beginning Wednesday, April 18 at 2:00 p.m. ET, and thereafter, Monday through Friday from 8:00 A.M. to 5:00 P.M. EST at 888-284-9087. In addition, out of an abundance of caution, CDHA is offering identity protection services through ID Experts to potentially impacted individuals at no cost.

CDHA takes the security of all patient information very seriously and is taking steps to prevent a similar event from occurring in the future, including restricting employee access to patients’ sensitive information, and increasing the monitoring and auditing of access to patient records. CDHA deeply regrets any inconvenience or concern this incident may cause.

Their full statement can be found on their web site.