Another disheartening audit involving local government. From the NYS Comptroller’s Office: Town of Ontario – Information Technology, Financial Management and Procurement (2017M-137) Purpose of Audit The purpose of our audit was to evaluate the Town’s IT controls, financial condition and purchasing practices for the period January 1, 2015 through March 2, 2017. Background The Town…
Month: July 2018
UK: Independent Inquiry into Child Sexual Abuse fined £200,000 for revealing identities of possible abuse victims in mass email
From the Information Commissioner’s Office, this press release: The Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 by the Information Commissioner’s Office(ICO) after sending a bulk email that identified possible victims of non-recent child sexual abuse. The Inquiry, set up in 2014 to investigate the extent to which institutions failed to protect…
Telefonica breach exposes personal data of ‘millions’ of customers
Carly Page reports: Spanish operator Telefonica has suffered a security breach that exposed the personal data of millions of customers. The breach allowed anyone to access the billing data of other customers, according to a report at El Espanol, which noted that the incident is similar to a serious failure that hit Spain’s system in July…
Sunspire Health notifying patients after employee email accounts accessed in phishing attack
Joseph Goedert reports: Sunspire Health, a nationwide network of addiction treatment facilities, is notifying an undisclosed number of individuals and offering them credit and identity monitoring services after several employee email accounts were accessed in a phishing attack. While the size of the Sunspire attack is not yet publicly known, the incident soon will be…
Thousands of patient records held for ransom in Ontario home care data breach, attackers claim
Matthew Braga, Lori Ward, Andrew Culbert report: The detailed medical histories and contact information of possibly tens of thousands of home-care patients in Ontario are allegedly being held for ransom by thieves who recently raided the computer systems of a health-care provider. CarePartners, which provides home medical care services on behalf of the Ontario government,…
Thousands of Mega logins dumped online, exposing user files
Zack Whittaker reports: Thousands of credentials for accounts associated with New Zealand-based file storage service Mega have been published online, ZDNet has learned. The text file contains over 15,500 usernames, passwords, and files names, indicating that each account had been improperly accessed and file names scraped. Patrick Wardle, chief research officer and co-founder at Digita…