As many of us were waking up to a brand new year, DataBreaches reported that LockBit 3.0 had claimed an attack on the Housing Authority of the City of Los Angeles (HACLA). Screencaps of directories and some files were provided by LockBit as proof of claims. Numerous news outlets picked up the news of the attack,…
Category: Government Sector
Notice of Privacy Incident of Historical Health Records – California Secretary of State
From the FAQ (both the FAQ and HTML version have occasional errors and label certain dates 2023 when they were 2022): 1. What happened? On December 23, 2022, the California Secretary of State (SOS) was notified by a researcher that the records they were provided to view contained records not older than 75 years. Pursuant…
3,400 death registry records accessed in Hawaii Department of Health data security breach
We do not see many breach notifications from Hawaii, but KHON made us aware of this reminder to disable access when an external employee terminates employment: HONOLULU, HI – The Hawai‘i Department of Health (DOH) will send out notification letters regarding unauthorized access to the DOH Electronic Death Registry System (EDRS), by the end of…
Capitol Hill data breach more ‘extensive’ than previously known
Sean Lyngaas reports: A sweeping cybersecurity breach of congressional members’ private information was more extensive than previously known and affects not only House lawmakers and their staff but also Senate employees. The Senate sergeant-at-arms alerted Senate staff about the breach Thursday in an email obtained by CNN. The compromised data is “extensive,” and includes sensitive data such…
EPA Requires States to Address the Cybersecurity of Public Water Systems
Ashden Fein, Micaela McMurrough, Caleb Skeath, and Matthew Harden of Covington & Burling write: On March 3, 2023, the United States Environmental Protection Agency (“EPA”) published a memorandum requiring states to evaluate the cybersecurity of operational technology used by public water systems (“PWSs”) “when conducting PWS sanitary surveys or through other state programs.” EPA’s memorandum “interprets the…
Boonton Police Captain Allegedly Steals Computer Towers, Internal Affairs Records
Frank L. Cahill reports: Attorney General Matthew J. Platkin confirmed charges against a Boonton police captain who allegedly stole his internal affairs records and computer hardware containing police data from the Boonton Police Department. Stephen Jones, 42, of Toms River, has been charged with computer theft, tampering with public records, and other offenses in connection…