IT Security Stories to Watch: The Salvation Army Gets Breached
The Salvation Army recently was informed that several employee background checks were compromised due to a data breach.
What can managed service providers (MSPs) and their customers learn from these IT security news makers? Check out this week’s list of IT security stories to watch to find out:
1. The Salvation Army suffers data breach
At least 100,000 people across the United States may have been affected by a data breach involving the Salvation Army.
CBS46 News reported that numerous employee background checks were compromised, and personal information such as names, Social Security numbers and dates of birth may have been exposed.
“It’s a very unfortunate incident,” Salvation Army spokesperson Major Todd Hawks said. “Whether it’s one or 500,000 (people), a breach is a breach.”
2. FTC: Glitch caused Morgan Stanley data breach
As a result, the FTC has closed its investigation into the incident.
“In this instance, our investigation determined that the Morgan Stanley employee was able to gain access to client data, despite such controls, because the access controls applicable to a narrow set of reports were improperly configured,” Maneesha Mithal, associate director of the FTC’s division of privacy and identity protection, wrote in a closing letter. “Morgan Stanley promptly fixed the problem when it came to the company’s attention.”
3. Data breach affects up to 2.4 million Carphone Warehouse customers
Personal information from up to 2.4 million Carphone Warehouse customers may have been exposed during a recent data breach, according to BBC News.
Carphone Warehouse also noted that up to 90,000 customers may have had their encrypted credit card details accessed.
The British mobile phone retailer is informing all customers who may have been affected and advising them on how to reduce the risk of further consequences from the data breach.
4. Did Kaspersky Lab fake malware to harm its rivals?
Reuters last week reported that two former Kaspersky Lab employees claimed the IT security company tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious.
However, Kaspersky Lab has denied the claims.
“Contrary to allegations made in a Reuters news story, Kaspersky Lab has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing. Such actions are unethical, dishonest and illegal,” Kaspersky Lab said in a prepared statement. “Accusations by anonymous, disgruntled ex-employees that Kaspersky Lab, or its CEO, was involved in these incidents are meritless and simply false.”