Cobun Zweifel-Keegan writes: In its most recent cybersecurity enforcement decision, the U.S. Federal Trade Commission announced a draft settlement agreement with the current and former operators of the customized merchandise website CafePress.com. Although the unanimous consent order focuses primarily on the company’s lax security practices, which allegedly led to multiple data breaches, there are also a few…
Category: U.S.
FTC Takes Action Against CafePress for Data Breach Cover Up and Poor Security
The FTC has taken enforcement action against CafePress stemming, in part from a 2019 data breach previously reported on this site. In December, 2020, seven states settled charges with CafePress. The Federal Trade Commission today took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and…
East Tennessee Children’s Hospital Statement on Security Issue
Published on March 14, 2022 East Tennessee Children’s Hospital has been a victim of an information technology security issue in the evening hours of Sunday, March 13, 2022. Maintaining the safety and security of our patients and their care is our top priority. We are still able to care for our patients. Our cyber forensics teams…
State Bar Breach Exposed Thousands More Confidential Records Than Original Estimates, Investigation Shows
Alaina Lancaster reports: More than 60,000 additional confidential attorney discipline records were exposed in a data breach of the State Bar of California’s case management system, according to an ongoing investigation. The bar’s IT incident response team and a third-party forensic firm calculated that more than 322,525 confidential records were available during the leak, compared to…
NH: Litchfield School District employee wrongdoing created student data security incident
On January 19, 2022, the Litchfield School District in New Hampshire notified the state’s Attorney General of a data security/privacy incident that seems to have previously escaped this site’s awareness. Let’s correct that now. From their report: On December 6, 2021, the District discovered that an individual with authority to access student records exceeded their…
The Human Factor in Data Security Breaches
Breaches involving the pharma sector may or may not involve patient data, but as we saw early on the pandemic, hitting the pharma sector when it is working on developing vaccines, testing vaccines, or distributing vaccines can have significant national and global health implications. Julian Upton reports: The pandemic’s exacerbation of the pharmaceutical industry’s exposure…