KRGV reports: Hundreds of La Joya ISD teachers’ personal information was accidentally released to the public. La Joya police chief Raul Gonzalez tells CHANNEL FIVE NEWS a representative who works at La Joya American Federation of Teachers accidentally sent out an email. That email contained the social security numbers and payroll deductions of 1600 La…
Month: September 2016
CalOptima notifies members of breach 8 months later?
CalOptima, the Orange County organized health system that administers health insurance programs for low-income children, adults, seniors and people with disabilities, posted the following on their web site: Notice of Data Breach At CalOptima, our mission is to provide members with access to quality health care services delivered in a cost-effective and compassionate manner. Protecting our members’…
Adventures in breach notification, Saturday edition
Someone should start a web site archiving the inappropriate responses we get when we try to notify entities that they’ve had a data breach. This would be my entry for today: I tried to alert an entity that they’d been hacked and data had been exfiltrated. It was after normal business hours, and I could find only one…
Hacker attacks American Human Rights Council and 62 other websites calling for jihad
India Ashok reports: A hacker going by the name MuslimLeets (aka Muj4hida) conducted targeted cyberattacks against the American Human Rights Council (AHRC) and 62 other websites, affecting businesses including those run by doctors, lawyers, real estate firms and more. The websites were defaced with messages calling for jihad. AHRC executive director Imad Hamad confirmed the hack in…
The Breach That Supposedly Isn’t a Breach
Discussing an incident disclosed by Troy Hunt this week, Jeremy Kirk reports: The handling of a recent data breach – the details of which are still unfolding – by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck. Read…
New York State Proposes Cybersecurity Regulation for Financial Services Institutions
Micaela McMurrough, Ashden Fein and Catlin Meade write: On September 13, 2016, New York Governor Andrew Cuomo announced a proposed regulation that would require financial service institutions to develop and implement cybersecurity programs to prevent and mitigate cyber-attacks. The proposed regulation will be subject to a 45-day comment period once it is published in the New York State…