The Information Commissioner’s Office issued the following press release involving a monetary penalty related to an unintended exposure incident and a misconfiguration. Imagine if every such leak here resulted in the FTC or a state attorney general fining the entity….. The Information Commissioner’s Office (ICO) has fined a London estate agency £80,000 for leaving 18,610…
Category: Commentaries and Analyses
Data Breaches and Educational Institutions
Marjorie Spivak, Taylor Ey, and Liz LeVan Riley of Womble Bond Dickinson (US) LLP write: Consider these five steps during your summer break to address the protection of confidential information and combat cybersecurity risks before the start of fall semester. 1. Information Assessment: Identify what data your institution holds, how it is used, how is…
Victims of AMCA’s breach allege AMCA not helpful enough in incident response
The other day, I wondered aloud whether there was anything the American Medical Collection Agency (Retrieval Masters) could have done after they were hacked to keep their big clients like Quest Diagnostics and LabCorp. An interesting report by Marianne Kolbasuk McGee on BankInfoSecurity suggests that there might have been. McGee reports that newly submitted court…
PA: Software firm, health care provider accuse each other of theft
Nicholas Malfitano reports on a lawsuit in which a healthcare provider, Post Acute Medical, LLC (PAM), accuses the former owner and operator of its computerized records database, Christopher LeBlanc and Meridian Hospital Systems Corporation of Dallas, Texas, of illegally retaining its confidential patient data. The suit was filed in federal court for the Middle District…
Lenovo Confirms 36TB Data Leak Security Vulnerability
Davey Winder reports: Lenovo has confirmed that a “high severity” security vulnerability has left users of specific network-attached storage devices with data exposed to anyone who went looking for it. How much data? How does at least 36TB grab you? That’s the number that the security researchers who uncovered the vulnerability in the Lenovo-EMC storage…
Cyberattacks like Coventry intrusion inflict deep harm at schools
Michael Melia of AP reports: Over six weeks, the vandals kept coming, knocking the school system’s network offline several times a day. There was no breach of sensitive data files, but the attacks in which somebody deliberately overwhelmed the Avon Public Schools system in Connecticut still proved costly. Classroom lesson plans built around access to…