KTVZ reports: The Oregon Construction Contractors Board said Friday it has discovered a security breach involving 8,013 online contractor accounts. Unauthorized individuals gained access to some contractors’ usernames and related password information. The incident occurred between Oct. 27 and Oct. 29, 2018, and was discovered on April 12, 2019, during a routine audit conducted by…
Category: Government Sector
Analysis of ransomware used in Baltimore attack indicates hackers needed ‘unfettered access’ to city computers
Ian Duncan and Christine Zhang report: Officials in the eastern North Carolina city of Greenville arrived to work one morning in early April to find the files on some 800 of their computers locked up. More than five weeks later, they’re still recovering from the debilitating cyberattack. The city of around 92,000 realized April 10…
Whistleblower lawsuit alleges hackers stole $515,000, and Fort Worth employee data was compromised in security breach
Deanna Boyd reports: Hackers stole more than $515,000 from the city of Fort Worth and employees with criminal convictions were allowed access to a confidential FBI criminal database, according to a lawsuit filed Wednesday by a former IT manager against the city. William Birchett alleges that he was fired in February in retaliation for reporting…
Australians’ Medicare details illegally sold on darknet – two years after breach exposed
Paul Karp reports: Australians’ Medicare details are still being illegally offered for sale on the darknet, almost two years after Guardian Australia revealed the serious privacy breach. Screenshots of the Empire Market, provided to Guardian Australia, show the vendor Medicare Machine has rebranded as Medicare Madness, offering Medicare details for $US21. Read more on Guardian…
Update: Oklahoma Dept of Securities notifying individuals affected by 2018 security incident
Here’s another case where there’s a long gap between discovery of an incident and notification to individuals. The Oklahoma Department of Securities had an incident that began Nov. 29, 2018. It was discovered December 11, 2018. On January 16, 2019, the agency issued a statement saying: The Oklahoma Department of Securities (ODS) has initiated a…
Charnwood Borough Council data breach sees residents’ personal details published online
Dan Martin reports: A council has apologised after publishing residents’ personal details online by mistake. Officials at Charnwood Borough Council failed to remove from a document names, addresses, phone numbers and email addresses of people who responded to a survey on levels of council tax to be levied on empty homes before uploading it to…