Insurance carriers, third party administrators (TPAs), and self-insureds had claims data exposed when a cloud-hosted claims management service inadvertently left their databases and files unprotected on a public server. Another week, another infosecurity failure that exposed oodles of personal information. This time, it’s a leak that not only exposed insurance claims data, but allegedly included internal documents that reveal how…
Month: September 2015
Kremlin Website Hit By ‘Powerful’ Hack During Elections
RFERL reports: Hackers made a “very powerful” attack on the Kremlin website on September 13, the Russian government said on September 14. Kremlin spokesman Dmitry Peskov linked the attack to regional elections in Russia over the weekend in which the opposition sought to challenge government-allied politicians in Kostroma Oblast, the one region it was allowed…
NC: Charlotte-Mecklenburg Schools notifies 7,600 job applicants of privacy breach
Adam Bell reports: Charlotte-Mecklenburg Schools has notified about 7,600 job applicants that their personal information, including Social Security numbers, was shared with an outside contractor without their consent. […] In a statement Tuesday morning, CMS said that one of its employees entered into an agreement with a vendor prior to obtaining proper authorization, and that resulted…
Gov. Charlie Baker promises probe of E-ZPass hack risks
Bob McGovern reports: Gov. Charlie Baker — responding to a Herald report on potential hacking and civil liberties problems with the E-ZPass system — said he has asked transportation officials to study the issue. “Obviously every time there is a story that suggests there’s an issue with something like this we ask folks, whatever it…
Glidewell notifies employees after security incident
James R. Glidewell, Dental Ceramics, Inc. and its subsidiaries (“Glidewell”) are notifying employees of a security incident. According to a notification letter submitted to the California Attorney General’s Office, Glidewell learned that “an unauthorized individual may have taken certain documents and data maintained and/or owned by Glidewell, without Glidewell’s authorization.” The data theft occurred on February…
FBI dumps on IoT security
Richard Chirgwin reports: The FBI has decided that your Things are too risky to be allowed anywhere on the Internet. Curiously, given that the Internet of Things is backed by some of the largest tech vendors in the world, the Bureau has also decided that responsibility for security – and for understanding the capability of…