Phishing Incident Leads Breach Roundup

Fed. Employee Phished; Cruise Passenger Info E-mailed
Phishing Incident Leads Breach Roundup

In this week's breach roundup, a federal employee fell for a phishing attack, and a cruise line accidentally e-mailed sensitive passenger information to other passengers.

Phishing E-mail Affects Commission Employees

The U.S. Commodity Futures Trading Commission suffered a data breach stemming from a phishing e-mail. After receiving the e-mail, a commission employee provided information to a fraudulent website, which then allowed a cyberattacker to access an e-mail account that contained personnel information, Bloomberg reports.

See Also: Are You APT-Ready? The Role of Breach and Attack Simulation

The commission reported to Bloomberg that the account contained personnel e-mails, Social Security numbers and "possibly other sensitive personally identifiable information of certain individuals."

Affected employees will receive free identity protection; the total number affected was not revealed.

Cruise Line Breach Exposes Passenger Info

The Cunard Cruise Line this week mistakenly sent personal information for more than 1,200 passengers to an undisclosed number of individuals registered in the company's information system. MSN's Cruise Critic, a website devoted to cruise-related issues, learned of the breach when a message board participant said he received an e-mail with a spreadsheet containing the contact information on Cunard passengers. The spreadsheet contained booking reference numbers, names and e-mail addresses, according to MSN.

Cunard confirmed the incident to MSN, saying, "An e-mail was sent in error to some guests containing details relating to other guests' bookings." No passport information was sent out, according to a spokeswoman.

Stolen Laptop Affects Job Searchers

Towards Employment, a job recruitment firm, had an unencrypted laptop stolen from its offices on May 11, affecting current and former program participants. According to a message posted on the company's website, those who provided personal information after May 11 were not affected. The laptop contained a database that included names, addresses and Social Security numbers. No financial information was on the laptop, the company says.

The company is providing free credit monitoring and identity theft services to those affected; the number of individuals affected was not revealed.

Dental Insurer Loses Records in Transit

Delta Dental of Illinois, a dental health benefits provider for a wide range of employers, is notifying 224 enrollees of a data breach resulting from a missing shipment of paper claims documents.

The company was notified by a national third-party delivery service that a box containing paper claims and X-rays was lost. According to a press release, "some personal information and/or health information may have been included in the box ... depending on what the enrollee's dentist provided on the claim."

The company is providing one year of identity theft monitoring to affected individuals.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.