Alek Lewis reports: The Riverhead Central School District was hit by a ransomware attack this morning, shutting down the district’s computer and technology infrastructure for what officials said could be several days. The district sent out a statement this morning at 8:48 a.m. on their social media alerting parents to what was then described as…
Category: U.S.
Snatch ransomware team adds health insurer victim to their leak site
In April, CareFirst BlueCross Blue Shield posted a notice on its website concerning a ransomware attack in January. The health plan’s announcement reports that the preliminary assessments suggested that: the attack was limited to CHPDC. Early analysis also indicates that members of other CareFirst BlueCross BlueShield companies, the Federal Employees Program (FEP) and Federal…
Oops! County explains how driver’s licenses were posted in place of animal adoption photos
Jakob Emerson reports: Sangamon County Animal Control (SCAC) is embroiled in a community controversy once again. SCAC is responsible for the sharing of uncensored photos of Illinois driver’s licenses to the internet in the place of photos of animals available for adoption at the facility. Anyone in the world with an internet connection could see photos, names,…
Planned Parenthood’s Los Angeles clinics hit by ransomware; patient data stolen
Reuters reports: Planned Parenthood’s Los Angeles clinics suffered a ransomware attack in October and personal information of 400,000 patients was stolen, a spokesperson for the women’s reproductive healthcare organization said on Wednesday. Spokesperson John Erickson said an “unauthorized person” gained access to the Los Angeles affiliate’s network between Oct. 9 and 17 and installed ransomware…
UK watchdog’s punishment for Blackbaud, Easyjet, other big privacy lawbreakers was slap on the wrist in private
Gareth Corfield reports: Blackbaud was given a private slap on the wrist by the UK’s Information Commissioner’s Office (ICO) after paying off criminals who stole users’ financial data from the cloud CRM biz’s servers. The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked…
Vendors and HIPAA
Matt Fisher of Carium writes: An important part of establishing strong security for an organization rests with how it interacts with its vendors. The creation of a chain of entities creating, interacting with, storing, or otherwise handling sensitive patient information starts at the top, but can easily and frequently go down many layers. Given the…