In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York and Vermont. To view a copy of the agreement, click here. Source: MyFloridaLegal.com
Category: Breach Incidents
Systems East, Inc. notifies 209,000 consumers after database with some payment card info was hacked
It’s not often DataBreaches reads a breach disclosure that reports the theft of already-encrypted data, but a notification by Systems East, Inc. (SEI) in New York reported one such incident. SEI, which provides e-payment solutions and online payment processing services, notified consumers that on August 25, an unknown individual accessed certain systems on SEI’s network….
We seldom see breach reports from Nebraska, so here are two.
When DataBreaches compiles statistics on health data breaches for Protenus’s annual Breach Barometer, Nebraska generally has fewer than 10 breaches per year. Seeing two reports in one brief period is a bit unusual. This week, DataBreaches found that West Central District Health Department (WCDHD) had disclosed some kind of hacking incident that occurred between May…
NoEscape gang adds two more medical entities to their leak site
The NoEscape ransomware gang claims to have attacked two more medical entities. The first one is Southeastern Orthopaedic Specialists, P.A. in North Carolina. According to the threat actors, the network was locked on October 25, and 3 GB of files were exfiltrated. From the expanded listing (not shown here), it also appears that Southeastern…
Property management firm Homeland, Inc. allegedly hacked, hackers claim to have hundreds of thousands of SSN of tenants
Hunters International has added a property management firm in Kentucky to their leak site. They provide a description of what they claim to have acquired from Homeland, Inc.: Over 200Gb of data – tenants info (ssn, income, family members, phone numbers, etc) – service management info (move-in/move-out files, agreements, expenses, etc) – financial data (payments,…
If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures
— An OpEd by DataBreaches– When it comes to data breach disclosures, the very same entities who claim to take our privacy and security very, very seriously are generally not being transparent in their breach disclosures. Their refusal to be transparent often results in consumers and patients being left in the dark about the risks…