Valley Hope Association in Kansas provides alcohol, drug, and related treatment services and have done so since 1967, according to their site. Despite their extensive and long history of experience, patient information was not encrypted on a laptop that was stolen from an employee’s car in December. Why? Here’s their announcement of the incident, below….
Month: February 2016
University of California – Berkeley alerting 80,000 to December hack involving SSN or bank account info (UPDATE1)
From the University of California – Berkeley: UC Berkeley officials are sending alert notices to approximately 80,000 current and former faculty, staff, students and vendors following a criminal cyberattack on a system storing their Social Security or bank account numbers. The campus has no evidence that any unauthorized individual actually accessed, acquired or used any…
IRS “Get Transcript” breach much bigger than first thought – now more than 700K victims
Andrew Taylor of AP reports: The IRS says the number of taxpayers whose tax information may have been stolen by computer hackers now exceeds 700,000 — more than double the agency’s previous estimate. The tax collecting agency says 390,000 more taxpayer accounts may have compromised than the 334,000 it warned about a year and a…
uKnowKids updates its breach report and answers a question I posed
There’s an update to uKnowKids’ breach disclosure, here. They assert that their analysis shows only one IP address – presumably researcher Chris Vickery’s – downloaded any data from their misconfigured database. They do not name the provider responsible for security the database. According to their statement, the misconfigured instance of the database occurred on December…
Anonymous: Turkish government cracks down on Twitter ‘hacktivists’ over leak of police data
Jason Murdock reports: The Turkish government has retaliated against a number of Twitter profiles that posted links to a compromised database stolen from a national police server. The users, which includes two Anonymous-affiliated accounts, sent out notifications to millions of followers containing a direct link to a huge 17.8GB-sized trove of sensitive data earlier this month. One…
FTC Says Listen Up When Vulnerability Reports Come In
James Denvil and Paul Otto of Hogan Lovells write: The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS…