Barrow County in Georgia issued a breach notice about a breach of its email environment that occurred between March and August of 2022. Its notification, posted on its website, states, in part: The type of information at issue varied for each individual, but included a variation of the following: name; date of birth, Social Security…
Category: Commentaries and Analyses
HHS Office for Civil Rights Settles HIPAA Investigation with iHealth Solutions Regarding Disclosure of Protected Health Information on an Unsecured Server for $75,000
HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Sweetwater Union High School District now admits February outage was a hack, but still hasn’t answered questions
There’s an update to a report in February about an outage that wasn’t described at the time as a hack or ransomware attack. Laura Acevedo reports: The Sweetwater Union High School District has confirmed a hack was the cause of a days-long system outage at their facilities, saying the personal information of employees, students, and families…
UK: Prosecution of tracing agent for illegally obtaining personal information
An enforcement action and prosecution was announced by the U.K. Information Commissioner’s Office this week: A former tracing agent pleaded guilty and was fined for illegally obtaining personal information to check if customers of a high street bank could repay their debts. Michael Isaacs, 80, from Epsom, Surrey was the sole director of Datasearch Services…
Law enforcement seizes domains owned by “Pompompurin” and one currently owned by DataBreaches
When the owner of Breached.vc was arrested in March, people expected to see Conor Fitzpatrick’s BreachForums site seized by authorities. Somewhat surprisingly, it wasn’t, and Baphomet, the forum’s administrator, was able to post messages on the site explaining what was going on and that he was taking the site down for fear it had been…
Confused about the drama with the new BreachForums? Reading this will either help you or make your head spin.
[Please see corrections at end of post.] Over the past week, DataBreaches has been contacted by a few journalists who have been somewhat understandably confused about the situation with the original BreachForums and a new forum calling itself BreachForums. And from reading news reports this week, I see that some journalists are making errors, so…