From the I-have-questions department: Nevada Restaurant Services reported that they experienced a breach in January of this year and that the threat actor was able to copy some of their files. The type of data varied by person but the notification stated that the scope of information potentially involved includes individuals’ name, date of birth,…
Author: Dissent
Chinese hackers behind July 2021 SolarWinds zero-day attacks
Catalin Cimpanu reports: In mid-July this year, Texas-based software provider SolarWinds released an emergency security update to patch a zero-day in its Serv-U file transferring technology that was being exploited in the wild. At the time, SolarWinds did not share any details about the attacks and only said that it learned of the bug from…
NC: Sandhills Center Provides Notice of Potential Data Theft
On July 30, 2021, DataBreaches.net reported on a claimed cyberattack against Sandhills Center in North Carolina. Data for sale had shown up on the “Marketo” site, and when DataBreaches.net looked at the “proof packs,” of data, they included psychological evaluations and other documents with personal and sensitive information. Much of the data was old, and…
Student files class action lawsuit against Syracuse University over data breach that affected 10,000
Michael Sessa reports: A Syracuse University student affected by a data breach that exposed the names and Social Security numbers of nearly 10,000 students, alumni, and applicants is suing the university for negligence. The class action lawsuit, which was filed in Onondaga County Supreme Court on Thursday, alleges that inadequate cybersecurity protocols and poor staff…
Data breach at Coalinga State Hospital reveals private information on nearly 1,800 patients
KFSN reports: On Friday, the State Hospital Department announced a privacy breach at Coalinga State Hospital. Employees have improperly provided confidential information about approximately 1,800 patients now and in the past to the US District Court in the Eastern District of California, officials said. The breach occurred on July 21, 2013, October 12, 2016, and…
Private information of 2,841 students accidentally released; School division did not make proper notice — regulator
CBC reports: A recent report by the Saskatchewan information and privacy commissioner’s office revealed that private information of 2,841 students was accidentally made public last year. The records in question included students’ names, identification numbers, phone numbers, grades and parent email addresses. The school division, which is in southwest Saskatchewan and has more than 6,000…