A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it should be an object lesson for higher education. A special three-part blog series. Craig A. Newman of Patterson Belknap writes: Part 1 In three separate…
Category: Exposure
Poor incident response? Bad PR, Monday edition
If you can’t prevent a breach, can’t you at least fake genuine concern? You know, the “At <blahblahblah>, we take your privacy and security very seriously” bit? Mark Flamme reports on a Key Bank breach where the bank’s response to notification of a problem is at least as problematic as the breach itself. After a…
Sensitive medical records dumped in public Allentown recycling bin
Paul Muschick and Emily Opilo report on one of those data protection fails that sometimes happen when a practice closes. And once again, we find no one stepping up to admit responsibility for the improper disposal of patient records with personally identifiable information and sensitive protected health information. In this case, the records appear to…
Personal information of up to 9,000 customers affected by possible security breach, CU says
Alissa Zhu reports: City Utilities has identified up to 9,000 customers who used payment kiosks or a certain mobile app to pay their utilities bills. Those customers’ personal information may be affected by a possible security breach, according to a news release. Information potentially at risk for those individuals include names, addresses, phone numbers, utility billing accounts, bank…
Compromised payroll documents contained personal info of current, former Humboldt County staff, dependents
Will Houston reports: Sensitive personal information — including social security numbers and bank account information — for several former and current Humboldt County employees, including some of their dependents, were found in boxes of missing county records that suspiciously turned up in Trinity County, according to a recently completed county review. When asked by the…
Data security breach at Rutgers leaves the information of 1,700 students unprotected
Saige Francis reports: On Nov. 8 and 9, Rutgers experienced a “data security” breach that left the information of nearly 1,700 students unprotected, said Neal Buccino, a University spokesperson. This incident affected students in the Department of Computer Science and revealed information including Rutgers I.D. numbers, cumulative GPAs and Spring 2018 class schedules. Sensitive information,…