Claims of “negligence” are often raised in lawsuits. DataBreaches is not a lawyer, of course, but wonders whether by now, we should consider a plastic surgeon “negligent” in their data security if they store nude photos of their patients with patient names and identity information in plain text and no strong encryption or suitable alternative…
India: Servers of two city hospitals hacked; police register FIR
The Times of India reports: New Delhi: Delhi Police has registered an FIR after the servers of two hospitals in north Delhi, Sant Parmanand Hospital in Civil Lines and NKS Super Speciality Hospital in Gulabi Bagh, were allegedly hacked. Patient data, financial records and administrative files were accessed during the breach, which took place…
Ph: Coop Hospital confirms probe into reported cyberattack
Palawan News reports: The Palawan Medical Mission Group Multipurpose Cooperative (PMMGPMC), operator of the Coop Hospital in Puerto Princesa City, confirmed Thursday night that it is investigating a reported ransomware attack allegedly carried out by the cybercriminal group Qilin. The confirmation came in a public advisory following claims that Qilin, a ransomware-as-a-service (RaaS) operation that…
Slapped wrists for Financial Conduct Authority staff who emailed work data home
How many warnings would you give employees not to send work to their personal email accounts? And why hasn’t a government agency deployed a software solution to prevent such transmissions? Connor Jones reports: Four staffers at the UK’s Financial Conduct Authority (FCA) were let off with warnings over separate cases involving the transmission of regulator…
School Districts Unaware BoardDocs Software Published Their Private Files
Mark Keierleber has an interesting and concerning update on the BoardDocs breach previously reported by DataBreaches on June 1: BoardDocs, a software tool used by thousands of school boards to track meeting minutes and store confidential information, has suffered a data breach affecting districts nationally, The 74 has learned. Records at the center of the…
A guilty plea in the PowerSchool case still leaves unanswered questions
On June 6, 19-year-old Matthew D. Lane pleaded guilty in federal court in Massachusetts to one count each of conspiracy to commit cyber extortion, cyber extortion, unauthorized access to protected computers, and aggravated identity theft. The first two charges were related to an unnamed telecom company identified as “Victim 1.” The third and fourth charges…