Breach Incidents – Page 268

San Francisco Unified School District notifies families of Buena Vista Horace Mann students about data security incident

Posted on May 3, 2019 by Dissent

The San Francisco Unified School District recently notified families of current and former Buena Vista Horace Mann (BVHM) students about an incident in which student data was shared with some BVHM community members. An unsigned letter dated April 22nd from the district’s department of technology described what had transpired: On April 10, 2019, an electronic…

Was WallStreet Market seized by German authorities or is this just another part of the exit scam? [UPDATE: it’s real]

Posted on May 2, 2019 by Dissent

Did a darkweb marketplace known as WallStreet Market wind up seized by German authorities after its moderators pulled an exit scam? Or is what may be intended to look like a seizure by German authorities just another part of the exit scam? Today’s drama on the darkweb started after what appeared to be a seizure…

Hackers Snatch and Try Unsuccessfully to Ransom Data from IT Service Provider; CityComp’s Big Clients Impacted

Posted on May 1, 2019 by Dissent

Joseph Cox reports: Hackers have broken into an internet infrastructure firm that provides services to dozens of the world’s largest and most valuable companies, including Oracle, Volkswagen, Airbus, and many more as part of an extortion attempt, Motherboard has learned. The attackers have also released data from all of those companies, according to a website…

AZ: Is a Desert Valley Dental breach ongoing? And did OCR order them to notify patients?

Posted on May 1, 2019 by Dissent

So this is something that I don’t recall ever seeing before as part of an initial breach disclosure. CBS5 reports: A Phoenix dental office has an ongoing breach of protected health information, Arizona’s Family learned Monday. The U.S. Department of Health and Human Services Office of Civil Rights ordered Desert Valley Dental to inform the…

SkyMed Medical Evacuation Membership Service Exposed Data of 137k Members

Posted on May 1, 2019 by Dissent

Jeremiah Fowler reports on another unsecured elasticsearch database that his firm has found: On March 27th I discovered an unsecured Elasticsearch database that contained what appeared to be members of a medical evacuation membership service. Upon further inspection of the data there were many references that the data allegedly belonged to Florida based SkyMed. It…

HHS exercises enforcement discretion and reduces maximum civil penalties

Posted on April 27, 2019 by Dissent

Those who want to see HHS/OCR come down like a ton of bricks on more entities and impose heavier civil monetary penalties for HIPAA breaches will likely not be happy to learn that HHS has decided to reduce the maximum civil penalties it will impose for the four tiers of violations of HIPAA. Under the…