Citibank ATM Network Breach

Between October 2007 and March 2008, thieves stole millions from Citibank’s network of ATM machines in 7-Eleven retail stores. They successfully accessed PIN codes from an undetermined number of accounts. There are nearly 5,700 Citibank-branded ATMs inside 7-Eleven stores throughout the United States. The thieves were apprehended and allegedly made $2 million in illegal profits.

What’s more disturbing is that such data intrusions often go unreported.

When it comes to ATM cards, I strongly advise:

• Do not tie multiple accounts to your PIN code.
• Keep a limited amount in the account.
• Use common sense to keep your PIN code safe (i.e. obscure code, don’t tell anyone)

Related Link:

• Citibank ATM breach reveals PIN security problems

Scottish Ambulance Service Loses 895,000 Patient Records

The ENCRYPTED disk contained 894,629 call records between February 2006 and June 2008, including the addresses of incidents, phone numbers and patient names.

Unlike so many other incidents, at least this company:

• Encrypted their data before transporting it.
• Immediately notified authorities.
• Immediately admitted to the public what happened and disclosed details.
• Doesn’t try to hide the incident from the public.

Related Links:

• Scottish Ambulance Service loses nearly 900,000 records
• Missing Disk Questions & Answers
• More articles about careless organizations that allow data to be stolen…

June Bad Month For 411,000 U.K. Customers of Virgin Media, HSBC and Cotton Traders

Virgin Media lost an unencrypted computer disk containing data on 3,000 customers that signed up for services via Carphone Warehouse stores in the United Kingdom. Records contain bank details, names and addresses. No mention at all on VirginMedia.com or CarPhoneWarehouse.com.

HSBC lost a computer disk containing data on 370,000 customers. Records contain details such as name, date of birth, level of insurance coverage, and whether or not a customer is a smoker. I found no mention on HSBC.co.uk or HSBC.com.

The BBC reports that records for 38,000 credit card customers have been stolen from U.K. clothing firm Cotton Traders. The company disputes the number of affected customers. There is no mention of the incident on CottonTraders.co.uk.

Related Links:

• Virgin Media loses 3,000 customer records
• HSBC loses 370,000 customer details
• Retailer loses thousands of card details in online hack
• More articles about careless organizations that allow data to be stolen…

51,000 Wards Credit Card Records Exposed

This data loss was the result of specific attacks against their online network. The criminals proceeded to sell the credit card numbers online. Information included the card numbers, their three-digit “security codes”, expiration dates, as well as the cardholders’ names, addresses and phone numbers.

At least 51,000 records were exposed in the breach at the parent company of Montgomery Ward. The venerable Wards chain that began in 1872 went out of business in 2001, but in 2004 a catalog company, Direct Marketing Services Inc., bought the brand name out of bankruptcy. It now runs a Wards.com Web site along with six other sites, including three with Sears brands it has acquired: SearsHomeCenter.com, SearsShowplace.com and SearsRoomforKids.com.

Definitely read the whole article. The company tries to shift blame because the guidelines from Visa on how to respond to a security breach didn’t mention that the company should also inform the affected consumers.

It just illustrates the point that these type of events probably happen more frequently than most of us suspect and are often covered up to prevent a public relations crisis.

Related Links:

• Wards didn’t tell consumers about credit card hack
• More articles about careless organizations that allow data to be stolen…

Own Shares in Disney But Get Screwed By BNY Mellon

Dammit, we got one of those notification letters AGAIN that our personal financial information has been lost. At first we couldn’t figure out why because we don’t use Bank of New York. Took a little digging to figure out Read more

Bank of New York Mellon Loses 4.5 Million Customer Records

Bank of New York Mellon has lost unencrypted back-up computer tapes containing the confidential details of around 4.5 million customers. Read more

88,000 Patients Had Info Stolen From Staten Island University Hospital

Staten Island University Hospital (New York) waits four months to inform patients that their personally identifiable information had been stolen from their financial office. Read more

Next Page »