Todd Wallack reports: Save the Children Federation, one of the country’s best-known charities said it was the victim of a $1 million cyberscam last year. The Connecticut-based nonprofit said hackers broke into a worker’s e-mail, posed as an employee, and created false invoices and other documents, to fool the charity into sending nearly $1 million…
Category: U.S.
GA: Mind & Motion notifies 16,000 after ransomware attack
One of the newer incidents appearing on HHS’s public breach tool this week is a report from Mind & Motion, LLC in Georgia. Mind & Motion offers various types of therapeutic modalities. On September 30th, 2018, they discovered that their server had been attacked with ransomware. In a notification to patients, they write: We have…
San Bernardino Community College District notifies students whose personal info was exposed in spreadsheet gaffe
Errors involving spread sheets continue to contribute to breaches. Consider this description in a notification from San Bernardino Community College District – Crafton Hills College Campus. The breach occurred on October 25: What HappenedWe recently learned that a District employee inadvertently sent a spreadsheet containing certain individuals’ information to a community college distribution list. Although the…
Federal data privacy bill introduced by 15 US senators
Laura Hautala reports: The US doesn’t have a single data privacy law that applies to all fifty states. On Wednesday, a group of 15 US senators indicated it wanted to change the status quo, introducing the Data Care Act. The bill (PDF) would require companies that collect personal data from users to take reasonable steps to safeguard the information….
ME: School department officials notify current and former staff of hack
WABI reports on a hack impacting employee, but not student, data: Last week, former and current employees of AOS 77 in Washington County were made aware of a data breach in the school department’s central office. The superintendent tells us he sent a letter to about 2,000 people making them aware some of their personal…
Aspire Health says stolen emails never opened, abandons hunt for hacker
Brett Kelman reports an update to a phishing incident in September: A large Nashville-based healthcare company that was hacked earlier this year said Tuesday an internal investigation has revealed the stolen emails were intercepted before they were ever opened by the cyberattacker. Aspire Health, which offers in-home treatment in 25 states, has also abandoned its legal hunt for the…