Data Breaches news & analysis | SC Media

Data Breach

Premera Blue Cross to cough up $10 million to 30 states over data breach

Premera Blue Cross has consented to pay $10 million as compensation for a nearly year-long data breach that impacted more than 10.4 million health patients, the Washington state’s Attorney General Bob Ferguson announced yesterday. More than half of those funds, roughly $5.4 million, will be allocated to Washington, and will be applied toward the enforcement…

Marriott hit with $124 million fine for 2018 data breach

The U.K. Information Commissioners Office (ICO) intends to levy a £99,200,396, or $124 million, fine against Marriott International in response to the data breach suffered by that company’s Starwood reservation data base in November 2018. Marriott reported the ICO’s intention to impart the fine, but said in a statement the company will use its right…

Florida state worker steals resident’s PII

About 2,000 Florida residents were potentially victimized by an employee of that state’s Department of Children and Family Services (DFCS) who accessed and used their PII to fraudulently make $260,000 in purchases. Allegedly, state staffer Bertanicy Garcia, an interviewing clerk at the Miami DFCS, worked in conjunction with six accomplices to whom she distributed personal…

Data management firm exposed client info on open Amazon S3 buckets: researchers

Data from Netflix, TD Bank, Ford and other companies was left exposed for an unknown period of time on publicly configured cloud storage buckets operated by data integration and management company Attunity, according to the research team that discovered the error. A researcher from UpGuard’s Data Breach Research team found the three publicly accessible Amazon…

5M records exposed by misconfigured MedicareSupplement.com MongoDB

A MedicareSupplment.com MongoDB containing more than five million records was found open to the public containing a wide range of PII. The records were found by the security firm Comparitech and researcher Bob Diachenko on May 13 containing first and last name, full address, IP address, email address, date of birth, gender and marketing-related information.…

Sun Prairie, Wis. warns of data breach after intruder accesses employee email accounts

For nearly two months this year, an unauthorized party had illegitimate access to the email accounts of certain employees working for the city of Sun Prairie, Wisconsin. These accounts contained sensitive data such as Social Security numbers, account logins and passwords, drivers’ licenses, state identification numbers, bank and financial account numbers, medical information and payment…

Some of the biggest tech and internet corporations began releasing updated transparency reports.

Dominion National announces nearly decade long breach

Dominion National announced the discovery of a nearly decade long breach involving unauthorized access to its servers.  On April 24, the investigation of an internal alert revealed that the unauthorized party may have accessed some of the firm’s computer servers as early as August 25, 2010, according to a notice of data security incident posted…

Social Engineered hacked, user data leaked, dumped on rival site

User data from Social Engineered, which bills itself as a forum for the “Art of Human Hacking,” was leaked in mid-June and posted on a rival site. “Mybb had a vulnerability yet again and the site got breached along other websites using Mybb,” Social Engineered founder, Snow101, confirmed in a blog post. “We moved over…

Next post in Security News