In February 2017, Google and the State of Iowa were the target of multiple phishing email campaigns. The Office of the Chief Information Officer (OCIO) and the Iowa Veterans Home jointly responded and coordinated the recovery of the incident and worked together to implement additional measures to prevent a similar occurrence in the future. We…
Category: U.S.
RI: Lifespan notifying 20,000 patients after unencrypted laptop stolen from employee’s car
Lifespan is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident involving some of that information. To date, Lifespan has no indication that any patient information has been accessed or used by anyone as a result of this incident. Lifespan is investigating the theft of an employee’s…
Cleveland Metropolitan School District discloses phishing-related incident
Cleveland Metropolitan School District, (“CMSD”), recently discovered an event that that may affect the security of personal and financial information of a select group of employees, students, their guardians, and/or other affiliates of CMSD. What Happened? On March 6, 2017, CMSD determined that certain categories of employee, student, and/or guardian information contained in a limited…
PAUSD student data exposed in Schoolzilla data breach
So we’re beginning to learn a bit more about the Schoolzilla data breach that MacKeeper Security Research Center’s Chris Vickery reported yesterday. Chris had reported that 1.3 million students had their data in the misconfigured Amazon bucket, but he couldn’t be more specific as to where these students came from as he deleted the data…
No Business Associate Agreement? $31K Mistake
From HHS: The Center for Children’s Digestive Health (CCDH) has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan. CCDH is a small, for-profit health care provider with…
Feds seek 30-year sentence for Russian master hacker convicted in Seattle
Mike Carter reports: In Russian cybercrime mastermind Roman Seleznev, the Department of Justice is boasting it finally caught and convicted a big fish in the often impenetrable world of global computer theft — and now the agency intends to make a lesson of him. Federal prosecutors will ask a Seattle judge Friday to sentence the…