It’s not just edtech vendors students need to watch out for when it comes to privacy and data security. Vendors that help process student loans may also put you at risk, as this notification from AccessLex Institute (dba Access Group) reminds us. The nonprofit organization, which provides financial education resources and services, writes: Dear [Name]:…
Category: Breach Incidents
Careem knew – or should have known – that they had a serious problem last year: researcher
Mark Sutton has some follow-up commentary on the Careem breach reported on this site yesterday: Gregg Petersen of Veeam Software said that not alerting customers to the breach for so long “isn’t acceptable”, and that organisations need to work faster to maintain the trust of their customers. Jordanian cybersecurity expert Raed Nesheiwat also said that…
What led to Nova Scotia’s privacy breach
CBC News has an update to a government leak incident noted previously on this site. This is a case where the government’s response to their security failure was to criminalize the behavior of the teen who downloaded what were freely available reports. When the public went up in arms over the government’s attempt to cast him…
Illinois incorrectly mailed out personal information to more than 4,000 people
Bill Lukitsch reports: Personal financial and medical information of more than 4,000 people was mailed to the wrong addresses earlier this year, two state agencies announced Friday. “Notices containing personal information were mailed to 4,136 individuals at incorrect addresses,” a news release from the Illinois Department of Healthcare and Family Services and Department of Human…
Sangamo Therapeutics Says Co Announced A Data Security Incident Involving Compromise Of A Senior Executive’s Company Email Account
Reuters points us to an 8-k filing by Sangamo Therapeutics in California that discloses a data breach: On April 17, 2018, Sangamo Therapeutics, Inc. (the “Company”) announced a data security incident involving the compromise of a senior executive’s Company email account. Upon learning of the incident on March 28, 2018, external network security experts were promptly engaged,…
Blue Shield of California notifies members of privacy breach
As submitted to the California Attorney General’s Office: On March 23, 2018, the Blue Shield of California (Blue Shield) Privacy Office received confirmation that your Protected Health Information had been shared with an insurance broker who was not authorized to receive it. The disclosure occurred in November 2017, during the 2018 Medicare Annual Enrollment Period,…