BreachExchange mailing list archives
California Dept. of Consumer Affairs has a breach, but doesn’t notify those affected for 6 months?
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 10 Jul 2013 11:33:00 -0500
http://www.databreaches.net/?p=28113 Ouch. The California Department of Consumer Affairs – Bureau of Automotive Repair (“BAR”) learned that a service provider had a network intrusion breach that gave someone access to bank account numbers and bank routing numbers belonging to the Smog Check stations licensed by the BAR. The breach reportedly occurred between May 2012 and March 2013, but according to their notification to the state, they first discovered the breach on January 4, 2013. So why the six-month delay in notification? And why did it take their service provider so long to discover the breach? _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- California Dept. of Consumer Affairs has a breach, but doesn’t notify those affected for 6 months? Erica Absetz (Jul 10)