The Office of Inadequate Security
From DataBreaches’ “Now what does THIS mean?” file, a notification letter from Dell & Dean PLLC, a law firm in New York. On July 17, Dell & Dean’s external counsel notified the Maine Attorney General’s Office about a breach in September 2022 that affected 6,803 people. A copy of the firm’s notification letter was appended…
The following is a press release issued yesterday by the U.S. Attorney’s Office, District of New Jersey: Two foreign nationals pleaded guilty today in Newark federal court to participating in the LockBit ransomware group – at various times the most prolific ransomware variant in the world – and to deploying LockBit attacks against victims in…
Cassandre Coyer reports: A US federal judge dismissed much of the Securities and Exchange Commission’s lawsuit against SolarWinds Corp. that alleged the software provider misled investors about its cybersecurity practices and the significance of a major data breach that spilled into the US government. Thursday’s ruling was seen as a blow to the SEC’s aggressive efforts to regulate…
James Bartolo reports: Pueblo County School District 70 is addressing a data breach and ransomware attack that may have compromised the personal information of former students, as well as current and former staff. The data breach is believed to have impacted a number of student records saved between 1991 and 2006. Past and present staff…
Website Planet reports that Jeremiah Fowler discovered a non-password-protected database that contained 148,000 records belonging to InHouse Physicians — a healthcare provider that offers on-site medical services and wellness programs to organizations, including corporate health and wellness solutions, event medical services, and occupational health programs. The non-password-protected database contained 148,415 PDF documents totalling 12 GB. Each document…
Jonathan Greig reports: One of the largest furniture companies in the U.S. was forced to shut down its manufacturing facilities following a ransomware attack that began last week. Bassett Furniture Industries said it shut down some of its information technology systems after it discovered unauthorized access on July 10. The hacker “disrupted the Company’s business…