Lindsey O’Donnell reports: Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident Researchers are warning that the websites of eight U.S. cities – across three states – have been compromised with payment card-stealing Magecart skimmers. The websites all utilize Click2Gov municipality payment software, which was previously…
Category: Breach Incidents
CHI St. Luke’s Health Memorial Lufkin notifies patients of April security incident
June 22 — CHI St. Luke’s Health-Memorial Lufkin announced today that it has taken action after becoming aware of an incident that took place on April 23, 2020 in which an unapproved third party gained access to patient information. Though we have no evidence to confirm that information was actually viewed or obtained by the…
Deloitte Consulting sued in two states over unemployment portal data security issues
Last month we started seeing reports of data leaks or breaches involving state unemployment benefits application portals. We also started seeing reports of lawsuits filed as a result. Ben Szalinski reports that in Illinois, one of the nearly 32,500 applicants who had private information exposed said it was used to access her bank account. Briana…
Why weren’t patients told that their data was dumped publicly?
On May 13, DataBreaches.net reported that Ako ransomware operators revealed that they had attacked North Shore Pain Management in Massachusetts. The threat actors announced the attack and dumped some of the practice’s files when the medical practice did not pay their ransom demand. The data dump, consisting of more than 4 GB of more than…
Minted hit with California data breach lawsuit after ShinyHunters hack
We anticipated a lot of lawsuits would be filed under California’s new law, the California Consumer Privacy Act (CCPA), as it imposes a data security duty on organizations. But will any of the complaints filed withstand early motions to dismiss? The CCPA requires complainants to give the organization 30 days to “cure” a violation and…
More than just health concern at coronavirus test sites: Are you exposing your personal information to security risks?
I fear that numbers on privacy breaches and data breaches stemming from COVID19 or involving COVID19 data are going to be staggering this year. Karina Elwood and Cindy Krischer Goodman report: When Elizabeth Spinelli arrived at Fort Lauderdale’s Holiday Park for a coronavirus test, a nurse handed her a form to write her name, address,…