CBC News reports: The University of Calgary paid a demanded $20,000 after a “ransomware” cyberattack on its computer systems. The university announced the ransom payment Tuesday, a week after the initial attack. “As part of efforts to maintain all options to address these systems issues, the university has paid a ransom totalling about $20,000 Cdn that was…
Month: June 2016
In wake of OPM breach, few sign up for protection services
Meredith Somers reports: Federal employees don’t think their personally identifiable information (PII) is safer than it was one year ago, but new numbers from the Office of Personnel Management show those employees are not taking advantage of the free protection offered in the wake of the massive cyber breach. About 21.5 million current and former federal…
House Energy And Commerce Committee Reviews Cybersecurity Practices At HHS
King & Spalding write: On May 25, 2016, the House Energy and Commerce Subcommittee on Health held a hearing to examine the Department of Health and Human Services’ (“HHS”) cybersecurity responsibilities. The hearing focused on legislation that would create a new office within HHS, the Office of the Chief Information Security Officer (“CISO”), consolidating information…
Info on international students and hosting families exposed in misconfigured database
It may be hard to resist naming a database after a favorite movie, but a database named “Coruscant” caught a researcher’s eye when the researcher was searching Shodan.io for exposed databases. And the rest, as they say, well… read on. The Cambridge Institute of International Education (CIIE) is a Boston-based educational consulting firm whose mission is to boost the…
ERISA and Cybersecurity
Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…
Spanish police organization hacked; agents’ info allegedly dumped
HackKnowledge.in reports that a hacker who uses the Twitter handle @FkPoliceAnonOps claims to have hacked the Mutual Social Security Police (mupol.es) and dumped information on 5,400 agents. The leaked data contains full names, email addresses, national ID numbers, and hashed passwords. Although law enforcement is investigating, it does appear that there is any official confirmation as to the accuracy…