Dan Goodin reports: On of the most significant events in computer security came in April 2017, when a still-unidentified group calling itself the Shadow Brokers published a trove of the National Security Agency’s most coveted hacking tools. The leak and the subsequent repurposing of the exploits in the WannaCry and NotPetya worms that shut down…
Category: Government Sector
UK: Government in email privacy gaffe
BBC reports: A government department responsible for data protection laws has shared the contact details of hundreds of journalists. The Department for Digital, Culture, Media and Sport emailed more than 300 recipients in a way that allowed their addresses to be seen by other people. The email – seen by the BBC – contained a…
Audit: HHS Info Security Program ‘Not Effective’
Marianne Kolbasuk McGee reports: The Department of Health and Human Services’ information security program has received a “not effective” rating as a result of several weaknesses found in an annual review of compliance with the Federal Information Security Management Act of 2014. The HHS Office of Inspector General report is based on an audit conducted…
CPSC Notifies Consumer Product Manufacturers of Possible Data Breach of Safety Information
Merrit Jones and Jena Valdetero of Bryan Cave write: A number of retailers and manufacturers have recently received notices from the U.S. Consumer Product Safety Commission concerning a possible data breach. The CPSC’s letter advises recipients of an unauthorized release of confidential information that did not go through the procedures of 15 U.S.C. § 2055,…
MS: Lauderdale County employees’ sensitive information exposed
Whitney Downard reports: More than 100 Lauderdale County employees had their sensitive information shared via email to other employees covered by the county’s healthcare plan in an accidental exposure Tuesday. Personal information in the email included names, social security numbers and phone numbers. Chris Lafferty, the county administrator, inadvertently shared the information in a county-wide email sharing health…
AU: Centrelink privacy breach ‘horrendous’
The Australian Associated Press reports: Labor’s social services spokesperson Linda Burney has criticised the Coalition for its “mismanagement” of a remote community employment program after Centrelink clients had their details published to a public Facebook page. Dozens of names of those required to attend client meetings were uploaded by a Northern Territory work-for-the-dole provider in…