It appears we have another criminal prosecution under HIPAA. In May 2014, ProMedica disclosed that almost 600 Bay Park Hospital patients were to be notified of an insider breach. In June, police announced that no criminal charges would be filed because their investigation found that no patient information such as social security numbers or financial…
Category: U.S.
Wellesley College data dumped; server vulnerable to SQLi
So yesterday, TeaMp0isoN’s timeline looked like this (click on image to enlarge): Then this happened: Creds to @_TeaMp0isoN_ For Vulnerability Alert. Login Drop. [url redacted by DataBreaches.net] — Chief (@Puttied) April 5, 2015 The data dump was prefaced with this message: DB Drop BY Chief(@Puttied). Site : http://mobius.wellesley.edu/ This is their latest Login DB as…
Tewskbury Police Pay Ransom After CryptoLocker Lockup
Jayne W. Miller reports that when Tewksbury Police discovered that the department’s network had been locked up by CryptoLocker last December, the town decided to pay the $500 bitcoin ransom. Of course, that’s exactly what experts recommend folks NOT do, as it only encourages more attacks on others, but hey, this is the same town that just…
Change.org springs a leak, exposes private e-mail addresses [updated]
Earlier this week, Dan Goodin reported: Online petitions service Change.org has a website bug that’s disclosing e-mail addresses that presumably belong to current or former subscribers. Search results suggest the number could be thousands, but a Change.org official said it was about 100. The disclosure bug was active at the time this post was being…
Horrific privacy breach by Tewksbury Public Schools
Cross-posted from PogoWasRight.org. Okay, this is really bad, on multiple levels. Brendan Foley and Jayne Miller report: Tewksbury Public Schools face angry parental backlash following the release of private student information online last week. A document included in a 222-page School Committee packet remained online for the better part of a week, before being taken…
MI: Monroe High School student hacker disrupts school district Internet
Ray Kisonas reports: A Monroe High School student is facing possible felony criminal charges after the district’s computer system was hacked and its Internet service disrupted several times over the past two weeks. The alleged cyber-hacker, a senior, has been removed from school and faces disciplinary action in addition to legal troubles. Monroe Public Schools…