Richard Lawler reports: Another day, another security breach (and another, and another…). This time it’s Disqus, which is revealing that in 2012 — around the time when Engadget used Disqus for comments — hackers made off with some of its data, covering a snapshot of usernames and associated email addresses dating back to 2007, as…
Category: U.S.
District investigating data breach at Palo Alto High School
Elena Kadvany reports: The school district said it is investigating a data breach at Palo Alto High School after discovering a “rogue website” Thursday that exposed student names, grade point averages and class ranks. Staff were notified about the website Thursday morning. A screenshot of the website posted by student news outlet The Paly Voice…
Yahoo Triples Estimate of Breached Accounts to 3 Billion
Robert McMillan and Ryan Knutson report: A massive data breach at Yahoo AABA 1.95% in 2013 was far more extensive than previously disclosed, affecting all of its 3 billion user accounts, new parent company Verizon Communications Inc. said on Tuesday. The figure, which Verizon said was based on new information, is three times the 1…
Private data of more than 1,100 NFL players, agents exposed
Max Greenwood reports on another find by Kromtech Security: The personal data of more than 1,100 NFL players and agents was exposed as the result of a misconfigured online database, a cybersecurity company has revealed. Bob Diachenko, the chief communications officer for Kromtech Alliance, wrote in a blog post on the company’s website Monday that researchers…
Aetna offers immediate relief program to members affected by HIV disclosure incident
As this site noted in August, health insurer Aetna had a privacy breach when almost 12,000 members’ HIV status was unintentionally disclosed in mailing envelope windows. This week, Aetna announced it was offering immediate assistance to members affected by the breach. It’s unusual to see a breached entity offer such immediate assistance, and I think…
NC tech firm to pay $264K fine for Vermont data breach
AP reports that Vermont settled with a subcontractor for its Health Connect service after a breach in which the subcontractor didn’t – and possibly would never have – notified anyone about a breach they had been alerted to: Vermont’s attorney general says a technology company will pay a $264,000 fine for a data breach that…