Steven Musil reports: The hacker responsible for the massive 2019 data breach of Capital One has been sentenced to time served and five years of probation. US District Judge Robert S. Lasnik said sentencing former Amazon systems engineer Paige Thompson to time in prison would have been “particularly difficult on her because of her mental health and…
Author: Dissent
City of Tucson discloses data breach affecting over 125,000 people
Sergiu Gatlan reports: The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals. As revealed in a notice of data breach sent to affected people, an attacker breached the city’s network and exfiltrated an undisclosed number of files containing sensitive information. Read more at Bleeping Computer.
Hundreds of students have personal emails exposed in data breach at University of Limerick
Donal Macnamee reports: Hundreds of people had their personal email addresses exposed in a significant data breach at the University of Limerick (UL), the Business Post has learned. The incident, which took place in August, impacted Central Applications Office (CAO) applicants considering studying at the university, and has been referred to the Data Protection Commission (DPC). Read…
Hospital That Disclosed Health Data to Foundation Wins Appeal
Christopher Brown reports: A hospital’s disclosure of patient health information to its charitable foundation didn’t violate the Minnesota Health Records Act, a state appellate court ruled. The MHRA permits disclosures of a patient’s health records without the patient’s consent when the disclosure is authorized in federal regulations, the Minnesota Court of Appeals said. Read more at…
Russian-speaking hackers knock US state government websites offline
Sean Lyngaas reports: Russian-speaking hackers on Wednesday claimed responsibility for knocking offline state government websites in Colorado, Kentucky and Mississippi, among other states — the latest example of apparent politically motivated hacking following Russia’s invasion of Ukraine. The Kentucky Board of Elections’ website, which posts information on how to register to vote, was also temporarily offline…
HSE hack victims who had personal information stolen have not been told they were targets
Ferghal Blaney reports: Hacking victims who had their personal information stolen during the HSE ransomware attack last year have not been told they were targeted. It’s a legal requirement for the health authority’s IT management to inform them under GDPR rules. The HSE said in a statement that it was taking time to get through all of the…