Hillary Borrud reports: An employee at Oregon’s tax collection agency copied the data of 36,000 people, including social security numbers, and stored the files to a personal account, the state announced on Friday. The Department of Revenue detected the breach on Feb. 23 and moved quickly to remove the files from the employee’s cloud account,…
Category: Government Sector
MX: Movimiento Ciudadano fined almost $2 million for 2016 voter list data leak
In 2016, I reported on a leak involving a Mexican voter registration database with details on 93.4 million Mexican voters. The list had been in the possession and control of one of the political parties there, Movimiento Ciudadano, who tried to claim that they were hacked by none other than Chris Vickery, who had discovered their…
Atlanta city government systems down due to ransomware attack [Updated]
Sean Gallagher reports: The city of Atlanta government has apparently become the victim of a ransomware attack. The city’s official Twitter account announced that the city government “is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information.” According to a report from Atlanta…
UK: Wigan council’s data breach shock
Rachel Howarth reports: Wigan Council has experienced more than 80 data breaches in the past two years, concerning figures have revealed. A recent Freedom of Information request has highlighted an alarming number of incidents in which sensitive, confidential or otherwise protected information has been accessed or disclosed “in an unauthorised fashion.” Read more on…
Town of Oswego – Financial Condition and Information Technology Audit
The NYS Comptroller’s Office has released another audit: Town of Oswego – Financial Condition and Information Technology (2017M-290). From their summary: Purpose of Audit The purpose of our audit was to determine whether the Board adopted realistic budgets that were structurally balanced, whether officials adequately monitored the Town’s financial operations and whether the Board adopted adequate…
The Dutch Data Protection Authority accidentally leaked its employees’ data
MIX reports: Oh, sweet irony: the Dutch Data Protection Authority – where registered companies are required to report breaches in data – has accidentally leaked the names of some of its employees in over 800 public documents, local outlet NU.nl reports. The discovery comes from Dutch cybersecurity firm NFIR. Pauline Gras from the Dutch Data…