In November, 2018, this site noted a breach disclosed by Huntsville Hospital involving JobScience, Inc., a vendor providing online job application services. On November 10, we reported that other entities were also affected, such as Tallahassee Memorial Hospital, who had been notified in September by JobScience, and NorthBay Healthcare Corp., who were notified in October….
Month: March 2019
Bitcoin Ransomware Cripples Boston Legal System for Two Weeks
P. H. Madore reports: Boston public defenders suffered a ransomware attack some weeks back but have chosen not to send the bitcoin demanded by the attacker. Instead, they decided to use back-ups to restore services. The Committee oversees public defenders in Boston. According to the Boston Globe, that decision has meant a “weekslong slowdown” that…
UK: Dorset school targeted in suspected ransomware attack
Cormac Connelly-Smith reports: Students at a Dorset secondary school have had their GCSE coursework held hostage by hackers. It is believed the Sir John Colfox Academy in Bridport was targeted by a ransomware attack, which locks victims out of their personal files unless they pay hackers to unlock them. The last major ransomware attack was…
Personal information of over 800,000 blood donors was accessible online for 2 months: HSA
Felicia Choo reports: The personal information of more than 800,000 people who have donated or tried to donate blood in Singapore since 1986 was improperly put online by a Health Sciences Authority (HSA) vendor for more than two months, but access to the database was cut off soon after the discovery. Disclosing this in a…
Data Breach Reporting Obligations in Saskatchewan
David Krebs and Jacey Safnuk of Miller Thomson LLP write: … Data breach reporting obligations in Saskatchewan are influenced by a total of four relevant pieces of legislation, covering both public and private sectors. These laws will not all apply to every potential breach, of course, but it is crucial for organizations to understand that more…
Unsecured Gearbest server exposes millions of shoppers and their orders
Zeljka Zorz reports: Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. According to Rotem, the server was not protected with a password and anyone could access it and search the data. Also, despite assurances from…