The government issued a warning this week reminding people that threat actors are likely to attack when entities are short-staffed due to weekends or holidays. Brett Callow posted an interesting graphic on Twitter that may help drive that point home: “What did you do last weekend, Mrs Ransomware Criminal?” “Oh, not much. I was busy…
Category: Breach Incidents
Dallas Independent School District reveals breach, but details are still missing
As seen on their web site: Information on Dallas ISD data security incident The Dallas Independent School District recently received notice of a data security incident involving the district’s electronic records that may affect former and current students, alumni, parents, and district employees. The confidentiality, privacy, and security of information in our care is one…
Career Group, Inc. notifies more than 49,000 after paying ransom to threat actors
I haven’t seen any mention of this in news or on their web site, but Career Group Inc. suffered a ransomware attack recently and is notifying those impacted. In a copy of the notification submitted to the Maine Attorney General’s Office, they report that on July 2, Career Group Companies detected potential unauthorized access to…
700,000 French pharmacy Covid test results left publicly available
Ellie Fullalove reports (machine translation follows): A data leak involving an online platform used to transfer data from antigen tests carried out at pharmacies to the government platform SI-DEP has made 700,000 covid test results public, along with personal information. The platform known as Francetest was alerted to the bug in its system by the…
Sturdy Hospital in Attleboro sued over data breach
George W. Rhodes reports: A class action lawsuit has been filed against Sturdy Memorial Hospital alleging it failed to properly protect personal patient information that was stolen in a ransomware attack earlier this year. […] “Defendant maintained and secured the PII (personally identifiable information) in negligent manner by failing to safeguard against ransomware attacks,” the…
VaxiCode flaw: Quebec refused to give immunity to the whistleblower
Thomas Gerbet reports (machine translation follows): Contrary to what the Minister of Digital Transformation, Eric Caire, said, the Quebec government has never offered immunity to the computer scientist who discovered the security flaw in the VaxiCode health passport application. Exchanges of emails obtained by Radio-Canada reveal the underside of this affair and show that the…