This is the time of year when many sites compile their lists of worst breaches of the year. Some consider all sectors, some confine themselves to one sector. Many base their lists on number reported to some regulator. Over the years, I have compiled my own annual lists where the “worst breaches” were not always…
Category: Commentaries and Analyses
NC: Monarch notifies HHS of breach, but where are the details and notice?
On September 1, a listing on a dark web site by a group calling themselves Don#t_Leaks named MonarchNC as a victim. The listing did not appear for long. The only “proof” offered at the time was a filetree and a screencap of what might be an index of an inbox showing monarchnc.org domain in email…
Keeping Bad Actors Out of K–12’s IP Surveillance System
Eileen Belastock reports: K–12 districts are investing a larger portion of their budgets in new security technologies to create safer environments for their school communities. A 2020 study conducted by Omdia on behalf of the Security Industry Association showed the market for physical security equipment in K–12 and higher education was $716 million in 2020. The K–12…
Are Data Breach Class Action Lawsuits Protecting Patients?
Marianne Kolbasuk McGee reports: The prospect of class action lawsuits being filed in the aftermath of a major data breach often has more impact on breached healthcare organizations than the potential for fines and enforcement actions by government regulators, says attorney Jeff Westerman of Westerman Law Corp. With all the legal expenses and time involved…
Attack on the Azienda Ospedaliera di Alessandria hospital: additional details on the case
Marco A. De Felice prefaces his reporting on a Ragnar_Locker attack with this message: For ethical reasons we did not want to spread the news of the attack on the hospital’s IT infrastructure before the news became public knowledge. Indeed, on December 20, SuspectFile had already become aware of the ransom note written by the…
Cyberattacks: higher education on high alert despite the holidays
The following is a machine translation of a report by Valéry Rieß-Marchive: cIn mid-September, Toulouse INP started the school year on a cyberattack with ransomware . At the beginning of December, Grenoble INP informed of an “intrusion” on its computer servers, but not to mention a cyberattack . At the same time, our colleagues from Parisian revealed that the IUT Paris – Rives de Seine was openly…