On November 12, @CyberZeist announced on Twitter that the Windham County Sheriff’s Office had been hacked, and that not only was the self-described blackhat giving away the full database, but he was willing to provide backdoor access to the site: Giving away #Backdoor access to Windham County Sheriff’s Office(https://t.co/dlaEW3AvCc)- https://t.co/F7IfQPf97m #HappyWeekend — CyberZeist (@cyberzeist) November 12,…
Category: Government Sector
NHS patients being put ‘at risk’ because of cybersecurity flaws
Tom Cheshire reports: A Sky News investigation has discovered the NHS trusts putting patients at risk by not protecting their data online. Seven NHS trusts, serving more than two million people, spent nothing on cybersecurity in 2015. Sky News worked with security experts to find serious flaws in their cybersecurity, which could be easily exploited by…
In: Data of 34 million Keralites leaked in massive data breach; govt had ignored vulnerability reports
And this, kids, is what happens when an entity keeps ignoring vulnerability reports from researchers or infosec folks. In this case, an IT consultant, “N.T.R.,” hacked civilsupplieskerala.gov: “I wrote to the NIC several times pointing to the vulnerabilities and even called the civil supplies office warning them about a possible breach, but they ignored me….
UK: Ealing Council loses ‘sensitive’ personal data after social worker leaves court documents on roof of car and drives off
David Rivers reports: The personal information of almost 30 people was lost after an Ealing Council social worker left court documents on the roof of her car and drove off. Personal data relating to 27 people including 14 children, some of it sensitive, was lost following the blunder in February and have never been recovered. Read more…
Ca: 197 patient health records ‘inappropriately accessed’ by provincial employee — for birthday cards
Bryce Hoye reports: A former government employee wasn’t up to anything nefarious when she peeked at the private health records and home addresses of Manitoba patients — she just wanted to know where to send her love and birthday wishes. A spokesperson with Manitoba Health said an internal investigation is underway after 197 patient health records were “inappropriately accessed”…
AU: Human Services admits privacy breach.
Paris Cowan reports: The Department of Human Services has admitted it uploaded sensitive Medicare claims records to the wrong recipient’s electronic health records 86 times in the 12 months to 30 June 2016. DHS, which is responsible for the operation of the Medicare medical rebate scheme, is obliged under law to report any data breaches…