Josh Renaud reports: Documents containing Social Security numbers and other private information for thousands of Missourians are accessible to anyone using the Casenet website, the state’s judicial records system, the Post-Dispatch recently discovered. Missouri Supreme Court officials have acknowledged the issue after being alerted by the Post-Dispatch, and they fixed one vulnerability on Casenet. But…
Category: Breach Incidents
BakerHostetler’s 9th annual Data Security Incident Response Report
BakerHostetler’s annual report is out, and as always, it is a great read because it provides statistics and analysis of the more than 1,100 data breach incidents the law firm handled in 2022. Ted Kobus provides a bit of the history of the firm’s Digital Assets and Management Group. Here’s just one graphic from the…
Two ransomware groups list Albany ENT & Allergy Services on their leak sites
On April 23, the BianLian ransomware group listed: A***** *** * ******* S******* BianLian often uses the asterisk system before they actually name the victim and leak data. Today, though, DataBreaches also saw the following on the RansomHouse leak site: Albany ENT & Allergy Services They’re both listing the same entity (even the listed revenues…
NYSARC Columbia County Chapter confirms July, 2022 ransomware incident
Nine months after detecting abnormal activity on their systems, and seven months after first publicly acknowledging a breach, NYSARC Columbia County has issued another press notice. Their newest notice is somewhat confusing in that it states that they “will issue notices to affected individuals and relevant state and federal agencies about the incident.” But then…
Aeries Settles Data Breach Lawsuit for $1.75M; Illuminate Suit is Dismissed – For Now
Kristal Kuykendall reports on the very different outcomes of two class action lawsuits stemming from breaches involving EdTech. Both of these lawsuits’ outcomes have been reported previously on DataBreaches, but this article says that both cases, despite the vastly different outcomes so far, should put EdTech vendors on notice. In a class-action lawsuit filed on…
Naivas Supermarket’s System Hacked, Data Stolen
Wycliffe Musalia reports that Kenya’s Naivas supermarket chain in Kenya has been the victim of a ransomware incident, but the chain assures customers that certain customer data such as payment card data was never at risk because it is not stored on their system. From the news report, it sounds like the company notified law…