Archive for the ‘Fines’ Category

Countrywide Financials Data Loss leads to $20m class action suite…

April 14, 2010 17 comments

Following on from the Countrywide Financial data breach back in 2008, they now find themselves saddled with a class action lawsuit for $20,000,000.

Countrywide Financials problems all started when employee Rene Rebollo confessed to downloading 20,000 data files per week and selling them to Wahid Siddiqi for as much as $70,000 (a total of 2.2 million people’s information was compromised), this leading to Bank Of America (their new owners) paying $350,000 to Connecticut to settle claims.

The terms of the class action can be found on http:\\, but they include up to $50,000 reimbursement per incident of identity theft from a fund of $5,000,000, free credit monitoring, $90 for opening a new account, $20 per month, up to $200 for credit monitoring, $10 per hour for telephone calls etc, and many other miscellaneous things.


TJX Hacker gets 20 years…

March 29, 2010 Leave a comment

Last week, Albert Gonzalez, the “brains” behind the TJX hack , Heartland Payment Systems, 7-Eleven and many other notable cybercrimes was sentenced to 20 years. Part of his punishment is the forfit of $1m he buried in his parents garden, a condo in Miami, a car, diamond ring and several expensive watches (Gonzalez was reported to have stolen $200m by some sources, much of which was returned).

The sentence was severe because some of the attacks were carried out while Gonzalez was working as a Secret Service informant, earning $75k per year.

You can read more on the BBC News website.

Categories: Fines, Privacy Laws

CSO Executive Seminar Series on Data Protection and Encryption…

March 10, 2010 Leave a comment

Just a reminder that tomorrow I will be speaking at the CSO Executive Seminar at the Hilton, Tysons Corner VA – The topic will be “5 practical steps for data protection”. I don’t expect it to be a McAfee sales push, I’ll be talking about technologies in general.

If you’re a reader of my blog(s) please come and say hello.

Notable Breaches of PHI in 2009…

December 15, 2009 Leave a comment

This week, Network World posted an interesting slide show of some notable breaches of Health Record privacy from 2009. The mode of disclosure is telling, with internal misuse/fraud and stolen devices/media being prevalent.

The companies mentioned are: Read more…

ChoicePoint fined an additional $275,000 for failures to have an effective security policy…

October 22, 2009 Leave a comment

Following on from my story on repeat data loss offenders, tho week ChoicePoint has been fined $275,000 by the FTC for failures to have an adequate data security program in place.  ChoicePoint lost the PII of 160,000 U.S residents in 2004 (which they were fined $15 million for), and another 13,750 in 2008 according to Grant Gross of IDG News Service.

Interestingly, this later breach could have been mitigated by a “key” electronic security tool they had in place to monitor the database, unfortunate for them though, it had been turned off. Read more…

Categories: Data Loss, Fines, PII Tags: ,