Nicholas Katzban reports: An internal investigation by the Passaic Housing Authority has named employee Linda Colon as the suspected source of last month’s data breach, which the authority said compromised the personal information of 50 to 60 public housing residents. But Colon has not been charged with any crime, and says the documents involved in the alleged leak…
Category: Government Sector
Hacker stole satellite data from US Department of Defence
The following press release was issued by the National Crime Agency today: A computer hacker has admitted stealing hundreds of user accounts from a US military communications system. Sean Caffrey, 25, of Sutton Coldfield, accessed and stole the ranks, usernames and email addresses of more than 800 users of a satellite communications system, as well…
Hong Kong privacy watchdog blasts electoral office for massive data breach
Ng Kang-Chung reports: A report by the Privacy Commissioner found the electoral office failed to take adequate steps to protect the personal data of Hong Kong’s 3.78 million voters stored in one of two laptop computers that were stolen during the chief executive election in March. Read more on South China Morning Post. Kang-Chung provides…
UK: Gloucester City Council fined by ICO for not updating OpenSSL promptly, which permitted Heartbleed exploitation by Anonymous
The Information Commissioner’s Office (ICO) has fined Gloucester City Council £100,000 after a cyber attacker accessed council employees’ sensitive personal information. The attacker took advantage of a weakness in the council’s website in July 2014, which led to over 30,000 emails being downloaded from council mailboxes. The messages contained financial and sensitive information about council…
NJ: Township of Springfield notifies individuals after discovering hack
The Township of Springfield in New Jersey is mailing out breach notification letters after finding suspicious activity on their police department management server. The unauthorized access occurred between February 22 and March 9, 2017, “when the threat was eliminated.” Information on the server may have included full name, driver’s license or state card identification number, birth date, address, and…
Mississippi Division of Medicaid notifies more than 5,000 after discovering data were not securely transmitted for more than three years
The Mississippi Division of Medicaid (DOM) is informing approximately 5,220 individuals of the potential exposure of their protected health information (PHI). On April 7, 2017, DOM officials became aware of an issue with the online service the agency used to create forms posted to DOM’s website (http://medicaid.ms.gov). Once an online form was submitted the information…