In 2014, Nuance Communications discovered that anyone could access protected health information on one of its platforms. After the situation persisted for years, a former employee decided to submit a whistleblower complaint to HHS. For his efforts, he spent more than one year fending off threatened federal hacking charges, even though no hacking was involved….
Category: U.S.
Cyberattack takes down L.A. Unified operations. Schools will open on Tuesday
Updated Sept. 8: Vice Society has claimed responsibility for the attack. As Jeremy Kirk commented, it was somewhat expected given that CISA published an advisory about Vice Society after the attack. Original post: Howard Blume reports: A cyberattack brought down the computer systems of the Los Angeles Unified School District over the weekend, but officials…
Hackers acquire info on current and former students and staff at Savannah College of Art and Design
Dealing with a patchwork of state data breach notification laws can be challenging. Dealing with state laws, federal regulations, and the GDPR can be even more difficult. But that may be the situation for Savannah College of Art and Design (SCAD), a private school in Georgia that enrolls students from other states and has a…
KeyBank: Hackers of third-party provider stole customer data
Frank Bajak reports: Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. The hackers obtained the information on July 5 after breaking into computers at the insurance services provider Overby-Seawell Company,…
Bits ‘n Pieces, Saturday morning edition
In February 2022, NFL’s San Francisco 49ers confirmed a ransomware attack by BlackByte. This week they started mailing notification letters to more than 20,000 people. * * * In a bizarre incident, hackers broke into the ride-hailing service provider Yandex Taxi’s software and sent dozens of cars to the same location, resulting in a traffic…
IRS ‘mistakenly’ posts names, contact numbers and financial information from 120,000 taxpayers’ retirement accounts on its website thanks to human coding error
Ronny Rayes reports: The Internal Revenue Service ‘mistakenly’ posted the names, contact data and financial information from about 120,000 taxpayers’ retirement accounts. The US Treasury Department determined that a human coding error allowed the confidential information to be posted on the IRS’ website before it was taken down, the Wall Street Journal reported. Read more at The…