BreachExchange mailing list archives
follow-up: Aviva USA says 'malware' at fault in data breach
From: security curmudgeon <jericho () attrition org>
Date: Thu, 4 Jun 2009 03:53:33 +0000 (UTC)
http://www.businessinsurance.com/article/20090603/NEWS/906039984 Aviva USA says 'malware' at fault in data breach Posted On: Jun. 03, 2009 3:11 PM CST Jeff Casale CONCORD, N.H.Aviva USA, the life insurance and annuity arm of Aviva P.L.C., said it has discovered a data breach that leaked the Social Security numbers, names and possibly addresses of 550 of its customers. Aviva said it notified the New Hampshire attorney general s office of the breach on May 29, which it said occurred between Dec. 30 last year and Feb. 24 this year. New Hampshire is one of several states that require companies to report data breaches. The breach was due to malicious software, more commonly referred to as malware, that was installed on the Des Moines, Iowa-based insurers computer system as online research was being conducted. According to the letter, Aviva has removed the affected hardware from service and issued new passwords to its employees whose login information may have been compromised. Customers whose identity was potentially compromised by the breach will be offered free identity theft protection service for a year and identity theft insurance coverage up of $25,000, Aviva wrote in its letter. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- follow-up: Aviva USA says 'malware' at fault in data breach security curmudgeon (Jun 03)