Get caught up with latest news regarding data breaches for the week of the August 25.
Dairy Queen –On August 26th, Brian Krebs reported that soft serve and fast food restaurant chain, Dairy Queen might be the latest retailer to be the victim of a bank card breach. Dairy Queen originally claimed that the restaurant chain had no knowledge of the breach, however, a spokesman for the company confirmed that the restaurant chain had heard from the U.S. Secret Service regarding "suspicious activity," affecting customer data at an unknown number of stores. According to one of Brian Krebs’ sources, the breach window may have begun as early as May 2014.
Racing Post – In November of 2013, UK racing magazine and website Racing Post fell victim to a cyber attack, resulting in over 677,000 of its user accounts becoming compromised, according to IT Pro. The UK's Information Commissioners Office (ICO) reported that customer names and passwords were exposed following an SQL injection. While Racing Post was found to be at fault for the data breach, "by failing to keep their IT systems up-to-date," the magazine will avoid any fines because no financial information was compromised.
JPMorgan Chase – Last week, we originally reported on the cyber attack against JPMorgan Chase and possibly 7 of the top 15 banks. According to the Wall Street Journal, the FBI reports that it has found no evidence that indicates that any other banks were affected by the cyber attack. According to security experts, the attack may have begun several months ago and was only recently discovered due to a routine intrusion investigation. As JPMorgan Chase and the Info Security community try to determine why this attack was carried out, sources close to the investigation have told Bloomberg that the cyber attack was likely carried out by a group of Russian hackers.
Cedars-Sinai Health Systems – A Los Angeles-based health system, Cedars-Sinai Health Systems, reported that an unencrypted laptop was stolen from an employee's home sometime in mid-August. Over 500 patients personal information was exposed, including Social Security numbers which may have been stored on the hard drive of the laptop. At this time, Cedars-Sinai does not believe that there has been any unauthorized access to patient information, but is currently notifying all of the patients that might have been affected by the data theft.
Stay tuned for next week's Data Breach Ripples and to get caught up in last week's news, click here.