Nick Perreault reports: A 12-year-old student could face a felony charge after reportedly hacking into the Baker County Middle School’s WiFi about two weeks ago, all because the student didn’t want to do school work. On Nov. 13, the student used a school-issued laptop to get the school’s IP address. Using another student’s cell phone,…
Category: U.S.
NM: Youth Development, Inc. discloses breach that occurred last year
Youth Development, Inc. in New Mexico (YDI) describes itself as the largest community and family based agency in New Mexico. They offer services in early childhood education, mental and behavioral health, education, employment, and career training. From the statistics they provide about children in New Mexico, their services appear to be sorely needed. Sadly, however,…
Montgomery County Public Schools incident was bigger than initially thought: UPDATE
In October, Montgomery County Public Schools in Maryland notified parents after one of their high schools in Naviance was hacked. At the time, the high school reported that it had suffered a brute force attack on October 3 that impacted 1,343 Naviance student accounts and one parent/guardian account at Wheaton High School. On November 25,…
IvyRehab reports data security breach after employee email accounts compromised
Update: This incident was subsequently reported to HHS as affecting 125,000 patients. Lee News reports: BLOOMINGTON — Ivy Rehab Physical Therapy, which has locations in Bloomington, Decatur and Clinton, has reported a data security breach and offering free credit monitoring to concerned patients. […] In May, the company discovered some employee email accounts may have…
Facebook must face data breach class action on security, but not damages: judge
Jonathan Stempel reports: A federal judge said up to 29 million Facebook Inc (FB.O) users whose personal information was stolen in a September 2018 data breach cannot sue as a group for damages, but can seek better security at the social media company after a series of privacy lapses. Read more on Reuters.
OCR Secures $2.175 Million HIPAA Settlement after Sentara Hospitals Failed to Properly Notify HHS of a Breach of Unsecured Protected Health Information
OCR has announced another settlement. This one involves Sentara Hospitals, and it’s a somewhat surprising one in the sense that Sentara not only seems to have gotten the fundamentals of HIPAA and notification compliance wrong, but then they seem to have insisted in their wrongheaded ways even after HHS told them what their obligations were. …