Tom Cheshire reports: A Sky News investigation has discovered the NHS trusts putting patients at risk by not protecting their data online. Seven NHS trusts, serving more than two million people, spent nothing on cybersecurity in 2015. Sky News worked with security experts to find serious flaws in their cybersecurity, which could be easily exploited by…
Category: Government Sector
In: Data of 34 million Keralites leaked in massive data breach; govt had ignored vulnerability reports
And this, kids, is what happens when an entity keeps ignoring vulnerability reports from researchers or infosec folks. In this case, an IT consultant, “N.T.R.,” hacked civilsupplieskerala.gov: “I wrote to the NIC several times pointing to the vulnerabilities and even called the civil supplies office warning them about a possible breach, but they ignored me….
UK: Ealing Council loses ‘sensitive’ personal data after social worker leaves court documents on roof of car and drives off
David Rivers reports: The personal information of almost 30 people was lost after an Ealing Council social worker left court documents on the roof of her car and drove off. Personal data relating to 27 people including 14 children, some of it sensitive, was lost following the blunder in February and have never been recovered. Read more…
Ca: 197 patient health records ‘inappropriately accessed’ by provincial employee — for birthday cards
Bryce Hoye reports: A former government employee wasn’t up to anything nefarious when she peeked at the private health records and home addresses of Manitoba patients — she just wanted to know where to send her love and birthday wishes. A spokesperson with Manitoba Health said an internal investigation is underway after 197 patient health records were “inappropriately accessed”…
AU: Human Services admits privacy breach.
Paris Cowan reports: The Department of Human Services has admitted it uploaded sensitive Medicare claims records to the wrong recipient’s electronic health records 86 times in the 12 months to 30 June 2016. DHS, which is responsible for the operation of the Medicare medical rebate scheme, is obliged under law to report any data breaches…
MI: Lansing Board of Water & Light paid $25,000 ransom after cyberattack in April
There’s an update to a ransomware attack on Lansing Board of Water & Light that had been reported back in May. The Lansing State Journal reported this week: The Lansing Board of Water & Light paid a $25,000 ransom to unlock its internal communications systems after they were disabled by a cyberattack last spring, officials…