Here’s your occasional reminder about insider-wrongdoing breaches. Katie Sergent reports: City officials notified all staff of a data breach impacting about 250 current and former city employees, according to Kalamazoo Communications Manager Michael Smith in a statement to News Channel 3 Wednesday. The breach involved two former city employees, and was discovered on March 28…
Category: U.S.
Google Database Reveals Thousands of Privacy Incidents
Joseph Cox reports: Google has accidentally collected childrens’ voice data, leaked the trips and home addresses of car pool users, and made YouTube recommendations based on users’ deleted watch history, among thousands of other employee-reported privacy incidents, according to a copy of an internal Google database which tracks six years worth of potential privacy and…
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and…
Davis County high school students are hacking the hackers behind phishing schemes
Don Brinkerhoff reports: A group of high school juniors in Davis County are hacking the hackers to protect phishing victims. “All my friends and peers around me got hacked,” said Charles Mortensen a Davis County student. Mortensen said in one case, a friend who’s in foster care had her Instagram account hacked. That was the…
HHS OCR: Covered entities affected by the Change Healthcare breach may delegate tasks of providing HIPAA breach notifications to Change Healthcare
May 31 – Today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) published an update to the frequently asked questions (FAQs) webpage concerning the Change Healthcare cybersecurity incident. The webpage, first published on April 19, 2024, provides answers to FAQs concerning the Health Insurance Portability and Accountability Act of 1996 (HIPAA)…
911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation
A court-authorized international law enforcement operation led by the U.S. Justice Department disrupted a botnet used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations. As part of this operation, YunHe Wang, 35, a People’s Republic of China national and St. Kitts and Nevis citizen-by-investment, was arrested on May 24…