Westlaw Reports Public Records Database Breach to New Hampshire Attorney General
A data breach involving Westlaw’s public records database took place about one month ago (October 14th) and was recently reported to the New Hampshire Attorney General’s Office.
The filing is accessible here and includes a copy of a notification letter sent to those effected.
New Hampshire law requires that data breaches are reported to state authorities. See 359:C20(I)(B)
We learned of this data breach via the Office of Inadequate Security (blog) that does a nice job summarizing the West filing.
Investigation revealed that some subscribers’ passwords had been compromised and used to access the database. The types of information involved included addresses, date of birth, and in some cases, driver’s license numbers and Social Security numbers. No bank account or credit card information was involved.
We also learn that:
- West contacted federal authorities
- A forced reset of passwords took place
- A letter was sent to those affected
- Free credit monitoring was offered
Direct to Blog Post
Direct to Full Text Filing Sent to New Hampshire Attorney General
About Gary Price
Gary Price (firstname.lastname@example.org) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com.