Evan Sweeney reports: Already fending off a class-action lawsuit, Banner Health is also the subject of an ongoing federal investigation into a June 2016 cyberattack that exposed patient data. The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) launched an investigation in the aftermath of the attack that exposed data for 3.7…
Category: U.S.
Six months after TheDarkOverlord attacked their district, School District 6 sends breach notification letters to parents
More than six months after the hacker or hackers known as TheDarkOverlord hacked and terrorized School District 6 in Columbia Falls, Montana, the district has sent parents breach notification letters revealing what they were able – and not able – to determine. Three versions of the March 19th letter, marked “Draft” and signed by Superintendent…
Expedia’s Orbitz says 880,000 payment cards hit in breach
Reuters reports: Orbitz, a subsidiary of online travel agency Expedia Inc (EXPE.O), said on Tuesday that hackers may have accessed personal information from about 880,000 payment cards. The unit said an investigation showed that the breach may have occurred between Jan. 1, 2016 and Dec. 22, 2017 for its partner platform and between Jan. 1,…
NY: Finger Lakes Health dealing with ransomware attack (Corrected)
WHEC reports that Finger Lakes Health is functioning the old-fashioned way while its computer system remains locked up by an unspecified type of ransomware: The agency said that an outside party is demanding payment to let it access its files. The agency was notified of the breach around midnight Sunday. Officials at Finger Lakes Health say…
Public Notification of Data Breaches: Between a Rock and a Hard Place
John Amabile and Micheal Binns of Parker Poe Adams & Bernstein write: A change in emphasis in disputes over data security breaches is coming. To date, the focus has been on issues and potential damages arising from the breach itself and the subsequent loss of private, personal information. In light of recognized delays from both…
Florida Virtual School database now uploaded to HaveIBeenPwned
From Troy Hunt, an aid to parents who want to check if their email address or their child’s email address was in a leaked database: New breach: The Florida Virtual School had 368k student records with 543k email addresses exposed including names, grades and dates of birth. It’s flagged as “sensitive” due to the prevalence…