NOTE: This incident was reported to the Maine State Attorney General’s Office as affecting 206,000 individuals. Nice follow-up by Pellissippi State Community College in Tennessee to their initial breach disclosure in December. From their website yesterday: Pellissippi State Community College is sending out notifications today regarding a December 2021 data security incident. That incident may…
Author: Dissent
1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Info — Mandiant
Daniel Kapellmann Zafra, Corey Hidelbrandt, Nathan Brubaker, and Keith Lunden of Mandiant write: Data leaks have always been a concern for organizations. The exposure of sensitive information can result in damage to reputation, legal penalties, loss of intellectual property, and even impact the privacy of employees and customers. However, there is little research about the…
CareSouth Carolina hit with proposed class action lawsuit
ClassActions.org reports that CareSouth Carolina has been hit with a potential class action lawsuit. The caption is Mixon v. CareSouth Carolina, Inc. § 4:22-CV-00269 You can access a copy of the complaint at https://www.classaction.org/media/mixon-v-caresouth-carolina-inc.pdf The lawsuit stems from what the complaint describes as an attack against CareSouth in 2020 that was first reported to affected individuals…
Your morning reminder that health data breaches are … everywhere (updated)
Every day, I compile data on breaches or leaks involving medical or health data. Many of them never appear on this blog at all. Others will appear on this blog many months before the entity ever discloses the breach to regulators or those impacted. Many of the incidents I compile will not attract a lot…
Cyber-attack strikes German fuel supplies
Joe Tidy reports: A major fuel supplier in Germany is operating at a “limited capacity” after a cyber-attack disrupted IT systems at the weekend. Oiltanking Deutschland GmbH & Co. KG stores and transports oil, vehicle fuels and other petroleum products for companies like Shell. It says it discovered it had been hacked on Saturday. It…
UK: Full cost of 2020 cyber attack on SEPA still not known
In January 2021, the Scottish Environmental Protection Agency (SEPA) disclosed it was in the throes of a ransomware attack. In June 2021, SEPA revealed that it was building a new IT system from scratch and had not recovered all of its files. Now, Andrew Picken of BBC reports: Scotland’s environment watchdog has written off £2m…