Patrick H. Haggerty’s article is particularly timely this week in light of the Systema Software data leak. Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised. These laws vary, and much has been written about the challenges caused by…
Month: September 2015
FireEye: Forbes.com served malicious ads to visitors
Steve Ragan reports: In a blog post, researchers from FireEye have outlined a malvertising campaign that was running on Forbes.com earlier this month, which led visitors to landing pages ran by the Neutrino and Angler exploit kits. The attacks were triggered on a handful of articles, but the logs released by FireEye show that none…
Ca: APEGA database breached affecting 75,000 members
CBC News reports: The body that regulates the practices of engineers and geologists in Alberta reported a “significant data breach.” when all the names and email addresses of its 75,000 members were leaked to an unknown party as a result of a phishing event. The database of the Association of Professional Engineers and Geoscientists of Alberta was breached at around 11:45 a.m….
More details emerge on Systema Software data leak (update1)
On September 9, Chris Vickery (previously referred to as “TE” in earlier coverage) notified the KDHE that what appeared to be the entire Kansas State Self Insurance Fund SIMS database was exposed online, as were databases from other agencies and organizations. KDHE immediately notified Systema Software, who promptly secured the leaking files. Vickery also contacted DataBreaches.net, who reported on the leak and the…
Former Morgan Stanley adviser pleads guilty to stealing clients’ information
There’s an update in the case of fired Morgan Stanley wealth management adviser Galen Marsh, who had been accused of stealing account data on about 350,000 clients and posting some of that information for sale online. Nate Raymond and Joseph Ax of Reuters report that Marsh pleaded guilty today to swiping more than double the amount of data Morgan…
Molina Healthcare notifies members that CVS employee stole some of their PHI for fraudulent purposes (Updated)
Molina Healthcare is notifying members of a breach of protected health information (PHI) involving an employee of their vendor, CVS. In a letter dated September 17, they write: This is to let you know that CVS, Molina Healthcare’s Over-the-Counter (OTC) benefits vendor, told us on 7/20/15 about a breach of your protected health information (PHI)….