David Hannant reports: A college has vowed to investigate after the personal details of hundreds of its applicants were emailed to a single parent by mistake. In August last year, the parent of a City College Norwich student was in an email exchange with one of the college’s customer service team when she received an…
Author: Dissent
Don’t Put All Your Eggs in the Silent-Cyber Basket
William P. Sowers Jr. and Michael S. Levine of Hunton Andrews Kurth write: The Eastern District of Pennsylvania recently gave another reminder why cyber insurance should be part of any comprehensive insurance portfolio. In Construction Financial Administration Services, LLC v. Federal Insurance Company, No. 19-0020 (E.D. Pa. June 9, 2022), the court rejected a policyholder’s attempt…
US govt warns of Maui ransomware attacks against healthcare orgs
Sergiu Gatlan reports: The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S….
Updating: Napa Valley College Recovering After June Ransomware Attack
There’s an update to the incident first disclosed by Napa Valley College on June 10 and reported in the media on June 25. On July 5, Edward Booth reported: The Napa Valley College website and network systems have been coming back online this week after being shut down by a ransomware attack in early June….
Mangatoon data breach exposes data from 23 million accounts
Lawrence Abrams; Comic reading platform Mangatoon has suffered a data breach that exposed information belonging to 23 million user accounts after a hacker stole it from an unsecured Elasticsearch database. Mangatoon is also a very popular iOS and Android app used by millions of users to read online Manga comics. Read more at BleepingComputer. Interestingly,…
Family Practice Center discloses a breach from October 2021
DataBreaches really and truly does not understand how entities can take so long to investigate some breaches before disclosing them. If HHS feels that seven months from the first detection of an attack to notification is reasonable or acceptable, then let it change the regulations. If it is not acceptable and HHS wants entities to…