Express & Star reports: The council mistakenly sent the list of children, including personal information, to a number of its in-house foster carers. It has now launched an investigation into the data breach and insisted that ‘no children were put at risk’. But County Councillor George Adamson, who is also the leader of Cannock Chase District…
Category: Breach Incidents
The FTC’s Data Security Error: Treating Small Businesses Like The Fortune 1000
Gus Hurwitz has a great commentary on LabMD v. FTC and an amicus brief filed by privacy law scholars in support of the FTC. I say “great” because I agree with him completely. I hold the privacy law scholars who filed the brief in very high regard, but reading their brief, I felt like it was…
The CoPilot Provider Support Services incident: The HIPAA issue
In the first part of a discussion of an incident reported by CoPilot Provider Support Services, this site reported claims by John Witkowski, a former employee, that CoPilot had not reported accurately on the incident. In this part, we focus on just one of CoPilot’s claims – that they are not a business associate under HIPAA….
OCR investigating CoPilot Provider Support Services breach; former employee lodged complaint
When CoPilot Provider Support Services recently disclosed a security incident that they had known about since 2015, their statements might have led you to believe that a disgruntled former employee had hacked them or misused previously authorized access, and that law enforcement might be looking into criminal charges. If you thought that, you were wrong on both counts. CoPilot Provider Support Services (“CoPilot”) describes itself…
2016 W-2 data up for sale on the dark web (updated)
As regular readers know by now, DataBreaches.net has been compiling reported instances of W-2 phishing scams. As part of that investigation, I decided to take a quick look today at some dark net marketplaces to see if any data were up for sale. Brian Krebs had reported on this issue in January after finding a…
Are Courts the Next Frontier in Fight Against State Hacking?
Ben Hancock discusses another strategy for responding to state hacking: trying to sue them under the CFAA, although state claims would also be needed: “It is important to consider other, complementary options,” added Hinnen, who previously dealt with national security issues as a senior lawyer at the Justice Department. “One option worth consideration is enabling…