From the FAQ (both the FAQ and HTML version have occasional errors and label certain dates 2023 when they were 2022): 1. What happened? On December 23, 2022, the California Secretary of State (SOS) was notified by a researcher that the records they were provided to view contained records not older than 75 years. Pursuant…
Category: Government Sector
3,400 death registry records accessed in Hawaii Department of Health data security breach
We do not see many breach notifications from Hawaii, but KHON made us aware of this reminder to disable access when an external employee terminates employment: HONOLULU, HI – The Hawai‘i Department of Health (DOH) will send out notification letters regarding unauthorized access to the DOH Electronic Death Registry System (EDRS), by the end of…
Capitol Hill data breach more ‘extensive’ than previously known
Sean Lyngaas reports: A sweeping cybersecurity breach of congressional members’ private information was more extensive than previously known and affects not only House lawmakers and their staff but also Senate employees. The Senate sergeant-at-arms alerted Senate staff about the breach Thursday in an email obtained by CNN. The compromised data is “extensive,” and includes sensitive data such…
EPA Requires States to Address the Cybersecurity of Public Water Systems
Ashden Fein, Micaela McMurrough, Caleb Skeath, and Matthew Harden of Covington & Burling write: On March 3, 2023, the United States Environmental Protection Agency (“EPA”) published a memorandum requiring states to evaluate the cybersecurity of operational technology used by public water systems (“PWSs”) “when conducting PWS sanitary surveys or through other state programs.” EPA’s memorandum “interprets the…
Boonton Police Captain Allegedly Steals Computer Towers, Internal Affairs Records
Frank L. Cahill reports: Attorney General Matthew J. Platkin confirmed charges against a Boonton police captain who allegedly stole his internal affairs records and computer hardware containing police data from the Boonton Police Department. Stephen Jones, 42, of Toms River, has been charged with computer theft, tampering with public records, and other offenses in connection…
City of Waynesboro targeted in cyber attack
Anahita Jafary reports: Some personal information in floating around in cyberspace after a ransomware attack against the city of Waynesboro. The city’s manager, Mike Hamp, said in a statement they were notified of a potential cyberattack in January. It affected Waynesboro’s information technology infrastructure. Hamp declined to meet or speak with NBC29, but in the…