Kim Powell reports: Phoenix Children’s sent an email to nearly 370 employees, identifying them as exempt from the hospital’s COVID-19 vaccine mandate. “Wow, what pretty flagrant violation of the law. It’s impressive for how clear-cut it is,” said Alexander Kolodin, an attorney hired by a nurse on the email. “This is something that should never…
Category: U.S.
UT: EMI Health alerting plan members to breach — notices will follow at a later date
EMI Health is committed to protecting the confidentiality and security of our members’ information. Regrettably, we recently identified and addressed a security incident that involved some of our members’ information. On August 10, 2021, we identified unusual network activity. We immediately took steps to secure the network and began an investigation with the assistance of…
PA: Corry School District says ransomware attack may have exposed current — and very old — data on staff, students
Here we go again — another ransomware attack on a k-12 school district, and the threat actors may have obtained current — and very old — data on both students and personnel. Kudos to the district for promptly alerting their community as to the possibility and risks, but still, this is serious. So far, this…
Thief Who Swiped 94,000 Credit Card Numbers At Michaels Stores In NY, NJ, CT, PA Sentenced
Jerry DeMarco reports an update to a breach previously covered extensively on this site over the past decade. A member of an ID theft ring that stole more than $600,000 from customers at Michaels stores in New York, Connecticut, New Jersey, Pennsylvania, and elsewhere was sentenced to 51 months in federal prison on Thursday. Jose “Tito”…
Ohio State University email gaffe creates a FERPA breach
An email gaffe due to not using bcc: instead of cc: or TO: revealed almost 400 Ohio State University students’ disability status to other students. Read the story on The Lantern. Note that this is a FERPA issue, and there really is no requirement for breach notification to those impacted, but the unintended disclosure needs…
Salt Lake IT worker arrested, charged with sharing info on undercover officers
Another really serious insider-wrongdoing breach, if the allegations are true. Hayley Crombleholme reports: Salt Lake City Police Chief Mike Brown called allegations that a city employee accessed the names of undercover officers, metro gang files, and other restricted documents “very concerning.” The man was identified in a probable cause document as Patrick Driscoll, an IT…