Carten Cordell reports: A series of four audits by the General Services Administration’s inspector general have found that the agency’s cloud computing system made personally identifiable information accessible to employees and contractors not authorized to have it. The audits, which were instituted after the OIG found multiple instances where sensitive information was accessible on GSA’s…
Month: January 2017
Austrian hotel pays ransomware demand to unlock guests’ rooms (Fake news?)
Update: I think we need to forget about this story’s claim of guests being locked in rooms, etc. This now appears to be fake news based on a report from a site that is not a reputable news site. I’m not sure about another site that carried the story of ransomware but without the bit about guests…
Held in Prague, Nikulin at center of ‘intense’ US-Russia tug of war
Roger Tait and Julian Borger report: An alleged computer hacker being held in the Czech Republic is at the centre of an international legal tussle between the United States and Russia amid lingering disquiet over Moscow’s alleged interference in the recent US presidential election. Read more on The Guardian. Considering that Interpol had picked him up…
Payroll service mistakenly ships packages with W-2 records to wrong address — twice
It’s worrying that once again, criminals are successfully tricking employees into emailing employees’ W-2 data to them. But how about when a company just mails out W-2’s to the wrong address – and not once, but twice? The San Diego Union-Tribune reports that Paychex, a payroll service, has twice shipped scores of confidential salary records and other documents to…
Rogue Tweeters in Government Could Be Prosecuted as Hackers
AP reports: Who are the federal government’s rogue tweeters, using official agency social media accounts to poke President Donald Trump? Are these acts of civil disobedience, or federal crimes? The online campaign began with unauthorized tweets – on subjects such as climate change inconsistent with Trump’s campaign statements and policies – that have been mostly…
MultiCare breach allows access to personal records for 1,200 patients
KING5 News reports: A data breach in November 2016 at MultiCare Health System allowed access to 1,200 patients’ personal records, the non-profit reported Thursday. At this time, Multicare does not believe any patient information was accessed or misused, but patients who were potentially affected will receive a letter from MultiCare by Feb. 6. […] An…