Seen on Landline: A problem with the Unified Carrier Registration plan’s website may have exposed Social Security or Tax ID numbers for thousands of users. UCR indicated that the vulnerability existed between March 1st and March 28th, 2019. The information exposed includes 23,000 Social Security numbers. After a bit of searching, I found the actual notice from…
Category: Government Sector
Senator Demands Review of How DHS Shares PII With Contractors
Akshaya Asokan reports: Sen. Maggie Hasan, D-N.H. is demanding that the U.S. Government Accountability Office review how the Department of Homeland Security shares personal data with third parties following several recent security incidents in which such information was exposed. In an Oct. 23 letter to the GAO, Hassan writes that recent “troubling” security incidents connected to…
Toronto needs to beef up cybersecurity to avoid ‘devastating’ data breach: auditor general
Lauren Pelley reports: Toronto’s auditor general is pushing the city to beef up cybersecurity to avoid a “devastating” data breach. In a report heading to council’s audit committee on Friday, Beverly Romeo-Beehler says the city needs to “strengthen” information technology and security controls, adding little has been done since she brought forward similar concerns three years ago….
MN: Thousands Potentially Affected in Pine County Data Breach
Joe Keyport reports: Pine County says that around 4,400 people may have their data breached after a county employee had their email account accessed by unauthorized personnel. The incident happened in June when the county’s payroll department received an email request to change the direct deposit for an employee’s paycheck, something that must be done…
City of Johannesburg hit by ransomware, again
Catalin Cimpanu reports: A hacker group going by the name of Shadow Kill Hackers has infected the city of Johannesburg’s internal network with ransomware and is holding South Africa’s largest city for ransom. The hackers are demanding 4 bitcoins to be paid by next Monday, October 28, 5 pm, local time, or they claim they’ll…
MY: Over 17,000 patients’ personal data exposed on national neurology registry website
The Star (in Malaysia) reports: In yet another data breach, more than 17,000 patients’ personal data have been exposed on the government-linked National Neurology Registry (NNeuR) website due to a scripting error, news portal Free Malaysia Today (FMT) reported. The portal reported that the data breach exposed among others NRIC numbers, phone numbers and addresses…