Penn Mutual Says Employee Might Have Disclosed Customer Data

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.darkreading.com/insider-threat/167801100/security/privacy/229300663/penn-mutual-says-employee-might-have-disclosed-customer-data.html

By Tim Wilson
Darkreading
Mar 09, 2011

An employee of the Penn Mutual Insurance company gained unauthorized 
access to customer information and might have disclosed it to others, 
according to a breach disclosure notice filed with the state of New 
Hampshire last month.

"When Penn Mutual learned that the former employee had, during the course 
of her employment, unlawfully accessed personal information of Penn Mutual 
customers, it immediately fired the employee," the breach disclosure 
states.

"Although we have not been able to determine definitively what customer 
accounts and what personal information were unlawfully accessed by the 
former employee, it appears that the former employee accessed and may have 
improperly disclosed the names, addresses, dates of birth, Social Security 
numbers, and bank account information associated with a number of our 
customer accounts," the disclosure says.

The notification letter filed with the state of New Hampshire does not say 
how many customers might have been affected by the data breach. Five of 
the customers are residents of New Hampshire.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/