Vice president

UPMC faces file class suit by the data breach affected employees

May 7th, 2014

University of Pittsburgh Medical Center (UPMC) data breach has invited file class suit by the 27,000 affected employees. A file class suit is filed against UPMC and its payroll vendor, Ultimate Software Group. Out of 27,000 affected employees, 788 employees were known to have been the victims of tax fraud.

An attorney, Michael Kraemer filed the class suit against UPMC. He said that at least two employees learned that their data had shown up on an “underground or black market-type forum.”  “It gives me more questions. Is this related to the UPMC data breach? If it is, UPMC should be as transparent as possible in letting everyone know what they know about who has the information or if it’s been contained,” said Kraemer, who is pursuing class-action litigation against UPMC.

The suit mentions that UPMC and the vendor breached its duty to protect private employee information which resulted in vulnerability of misuse of employee’s information to tax return fraud. UPMC has offered employees the chance to sign up for a year of free credit monitoring services – But the class suit is filed for a court injunction forcing 25 years’ worth of identity theft insurance, credit restoration services, and credit and bank monitoring services.

Mitchell Dauerman, the company’s executive vice president, said he doesn’t believe UPMC or any of its subsidiaries are clients of Ultimate Software, and may have been sued by mistake.

Some UPMC employees interviewed on the streets of the city’s Oakland section feared for identity theft.

“They’re going to wait one year, they’re going to wait two years, they’re going to wait three years, and they could come back. I could be affected by a job I took in college, which is sort of scary,” said Allisandra Supinski.

“I feel comfortable with the one year that I have. If i look into it more, I may change my mind,” said Amy Hoffman.

“As long as you are with UPMC, they should cover us. As long as we work there for them, we should be able to get protected,” said Rodreda Tate.

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Big banks and retailers lock horns over Data breach

February 3rd, 2014

 

Target customers personal information of about 110 million was exposed during the data breach. It was notified by the Justice Department after suspicious activity involving payment cards used at Target stores. Also Neiman Marcus computer was attacked by hackers. It was notified late to the customers as company required confirmation for the breach.

Target Executive Vice President John Mulligan started his testimony before the Senate Judiciary Committee with an apology before blame game started between big banks and retailers. He stated during first part of hearing, “We know this breach has shaken their confidence in Target, and we are determined to work very hard to earn it back.” According to Mulligan, company hired its own independent team of experts to conduct a forensic investigation after the breach.

Personal information like credit and debit card numbers, expiration dates, PIN numbers and codes on the cards’ magnetic strips was compromised after 40 million credit and debit card accounts of Target were breached late last year. Also non card information like names, phone numbers and email and mailing addresses of 70 million Target customers were also stolen.

Neiman Marcus computer was also affected by the breach. Michael Kingston, senior vice president of the Neiman Marcus Group said, “The malware was evidently able to capture payment card data in real time, right after a card was swiped, and had sophisticated features that made it particularly difficult to detect, including some that were specifically customized to evade our multilayered security architecture that provided strong protection of our customers’ data and our systems.”

FTC Commissioner Edith Ramierz and William Noonan, a top agent with the Secret Service’s cyber operations branch are expected to report the Senate Judiciary Committee following testimony from retailers.

With the seriousness involved in the breach data it is advised companies to put all security measures in place. Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta