Here’s a good example of how monitoring and logs can detect a problem and prevent even more problems. Michigan Medicine detected an employee accessing patient records without legitimate need. The improper access began in December, 2021, and continued until it was caught by monitoring on January 25, 2022. Access was cut off on January 27…
Category: U.S.
Allen ISD cybersecurity update: personal information of more than 500 employees hacked in September 2021
Jay Wallis provides an update on the Allen ISD ransomware incident first reported by the district in September. Part of the district’s newly revealed findings: According to the investigation, there is no evidence that any unauthorized user got into Allen ISD’s databases, including the Student Information and Financial databases. District officials said they determined that…
NC: Charlotte Radiology notifies patients of December security incident
Joe Marusak reports: A prominent Charlotte medical services provider experienced a recent weeklong data breach in which some patient information was stolen, “including a very limited number of patients’ Social Security numbers,” company officials said Friday. In a statement, Charlotte Radiology officials said they found no evidence of “fraud or misuse” as a result of…
Sea Mar Community Health Centers Hit with Class Action Suits Over 2021 Data Breach
Kendal Enz reports: Sea Mar Community Health Centers is facing numerous class action complaints for alleged inadequate cyber security procedures that resulted in a data breach of more than 650,000 class members’ sensitive information. The complaints, which were filed in November 2021 in King County Superior Court, were removed to Washington’s Western District Court this…
NY: Nassau notifies 209 workers their confidential personal data may have been breached by employees
Scott Eidler reports: Nassau officials have notified more than 200 current and former employees in the Assessment Department their confidential personal data may have been breached after some co-workers last year gained unauthorized access to human resources information about department workers. In a letter Thursday to Nassau County Executive Bruce Blakeman and county legislators, Technology…
TCEA 2022: One School District Shares What Not to Do to Prevent a Ransomware Attack
Tasshi Rowe reports: “It’s like your home was robbed, and there’s nothing you can do about it. We had 800 employees and 5,200 kids, and everybody is shut down,” said Julie Gauthier. The deputy superintendent of Port Neches-Groves Independent School District in southeast Texas explained to a room full of TCEA attendees in Dallas what it…