It’s not just edtech vendors students need to watch out for when it comes to privacy and data security. Vendors that help process student loans may also put you at risk, as this notification from AccessLex Institute (dba Access Group) reminds us. The nonprofit organization, which provides financial education resources and services, writes: Dear [Name]:…
Month: April 2018
Altaba, Formerly Known as Yahoo!, Charged With Failing to Disclose Massive Cybersecurity Breach; Agrees To Pay $35 Million
From the SEC: The Securities and Exchange Commission today announced that the entity formerly known as Yahoo! Inc. has agreed to pay a $35 million penalty to settle charges that it misled investors by failing to disclose one of the world’s largest data breaches in which hackers stole personal data relating to hundreds of millions…
Seventh Circuit Affirms Dismissal of Schnuck Markets Data Breach Lawsuit
Ashley Miller writes: The United States Court of Appeals for the Seventh Circuit recently affirmed the dismissal of a putative class action brought by financial institutions against Schnuck Markets, Inc., following a data breach impacting Schnuck beginning late 2012. The plaintiffs attempted to assert claims of negligence, negligence per se, various contract claims, and violation…
CYBERSECURITY: DHS Needs to Enhance Efforts to Improve and Promote the Security of Federal and Private-Sector Networks
CYBERSECURITY: DHS Needs to Enhance Efforts to Improve and Promote the Security of Federal and Private-Sector Networks GAO-18-520T: Published: Apr 24, 2018. Publicly Released: Apr 24, 2018. VIEW REPORT (PDF, 22 PAGES) What GAO Found In recent years, the Department of Homeland Security (DHS) has acted to improve and promote the cybersecurity of federal and private-sector…
Careem knew – or should have known – that they had a serious problem last year: researcher
Mark Sutton has some follow-up commentary on the Careem breach reported on this site yesterday: Gregg Petersen of Veeam Software said that not alerting customers to the breach for so long “isn’t acceptable”, and that organisations need to work faster to maintain the trust of their customers. Jordanian cybersecurity expert Raed Nesheiwat also said that…
Data breach could impact some patients of medical lab chain with Alabama locations
Connor Sheets reports: A data breach may have resulted in the exposure of the personal and protected health information of patients of a medical lab chain with multiple Alabama locations. American Esoteric Laboratories announced Friday that it had become aware of a “data security incident” that could impact patients’ data security. An AEL employees’ company-issued laptop was…