Katherine Lawton reports: A police officer lost his laptop and notebook as he drove along the motorway after leaving them on the roof of his car – in the fourth data breach by a single force. The PSNI said it is investigating after a senior officer revealed sections of the lost notebook remain outstanding. Read more…
Category: Government Sector
NYC Finance Department Sent Every Employee Their Colleagues’ Personal Info
Yoav Gonen reports: The city Department of Finance inadvertently emailed a roster of all of its staff — containing home addresses, cell numbers and personal email addresses — to the agency’s roughly 1,800 employees in a botched test of its emergency notification system, THE CITY has learned. The snafu was accompanied by automated calls to…
UK: Press notice regarding data breach at Norfolk and Suffolk police
Norfolk and Suffolk constabularies have identified an issue relating to a very small percentage of responses to Freedom of Information (FOI) requests for crime statistics, issued between April 2021 and March 2022. A technical issue has led to some raw data belonging to the constabularies being included within the files produced in response to the…
Colorado Department of Health Care Policy & Financing reports more than 4 million affected by MOVEit breach
As I tooted earlier this morning on Infosec.Exchange: One of the MOVEit victims was the Colorado Department of Health Care Policy & Financing, which was notified by IBM of the data breach. According to their notification, the information types included full name, Social Security number, Medicaid ID number, Medicare ID number, date of birth, home…
NYS Comptroller Audit: Cyber Incident Response Team (Follow-Up)
Issued Date: July 20, 2023 Agency/Authority: Homeland Security and Emergency Services, Division of Objective To assess the extent of implementation of the two recommendations included in our initial audit report, Cyber Incident Response Team (Report 2020-S-58). About the Program Cybercrimes continue to rise. According to the Federal Bureau of Investigation (FBI), complaints of phishing and similar cyberattacks often…
UK Electoral Commission had an unpatched Microsoft Exchange Server vulnerability
Kevin Beaumont writes: You have have read about the hack of the Electoral Commission recently. In this piece we take a look at what happened, show they were running Microsoft Exchange Server with Outlook Web App (OWA) facing the internet, and the unpatched vulnerability that presented. The Electoral Commission ran Microsoft Exchange Server on IP…