The Rippleshot Data Breach Blog

Data Breach Ripples: Week of April 17

Written by Zach Walker | Apr 17, 2015 6:00:00 PM

In this week's issue: Uber hires a new security officer from Facebook, financial institutions and retailers are skirmishing over the upcoming EMV deadline, UC Riverside suffers a data breach exposing the personal information of 8,000, AT&T is going to settle a data breach complaint by agreeing to pay $25 million and for the Rippleshot content of the week, we've put together a great infographic using Rippleshot research to determine the top five most compromised merchant categories in the U.S. 

WHITE LODGING CONFIRMS SECOND DATA BREACH

In February of 2014, hotel franchise White Lodging, which includes Hilton, Marriott, Sheraton and Westin hotels, fell victim to a data breach. This data breach is appears to be responsible in exposing the payment information of several thousand guests across the U.S. Fast forward just over a year, and Brian Krebs of KrebsOnSecurity is reporting that for the second time in a year, various banks and credit unions are reporting fraud involved with payment cards that transacted at White Lodging hotels.

Late last week, White Lodging Services Corporation issued a press release listing the 10 properties across the U.S. White Lodging will be offering one year of fraud resolution and identity protection services to those affected by the data breach.

AMERICAN EXPRESS TO START PAYING CUSTOMERS TO USE APPLE PAY

On Tuesday, American Express announced a promotional offer http://bankinnovation.net/2015/04/american-express-starts-paying-consumers-to-use-apple-pay/ for its cardholders that have yet to use their American Express cards on Apple Pay. For American Express cardholders in Chicago, a $5 credit will be applied to any single purchase totaling $5 or more at particpating concession stands at the United Center. This promotion coincides with two of Chicago's professional sports teams starting their respective playoff runs at the United Center.

TARGET NEARS $20 MILLION SETTLEMENT WITH MASTERCARD OVER DATA BREACH

As we approach the two-year anniversary of Target's catastrophic data breach, Target is approaching a massive settlement with MasterCard. The current settlement is nearing the $20 million mark to help offset the costs that financial institutions incurred due to the data breach. These costs include the reissuance of credit and debit cards exposed in the data breach, as well as some of the fraudulent transactions that resulted from the exposure of the retailer's customer payment information.

For more information on the Target lawsuits, check out our blog post covering everything you need to know about the current lawsuit status.

SENATORS INTRODUCE BIPARTISAN DATA BREACH LEGISLATION BILL

On Thursday, two members of the U.S. Senate introduced the second major data breach legislation bill. Senators Tom Carper (D-Del.) and Roy Blunt (R-Mo.) presented the Data Security Act to help set a nationwide data security standard for companies. Currently, the House is in the process of drafting and reworking two similar bills. With a total of four national data legislation bills currently presented to the U.S. Senate and House, lawmakers are scrambling to come to a consensus as to which bill best protests the interests of U.S. consumers.

RIPPLESHOT CONTENT: VERIZON DATA BREACH INVESTIGATIONS REPORT RECAP

In this week's Rippleshot blog post, we take a look at the Verizon 2015 Data Breach Investigations Report (DBIR). Verizon's annual security report provides unparalleled insight into the information security ecosystem and how data breach impact organizations of all sizes. We'll cover everything from data breach trends, to threat actors and malware, but we highly recommend downloading a copy for a more in-depth read.

SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.