The Office of Inadequate Security
Update: So apparently the notification DataBreaches read is not what is sent out to affected consumers. That one can be found here, and it is not as detailed as the disclosure I have raved about. But do read about the one they sent New Hampshire that was excellent. DataBreaches will leave it to others to…
Aaron Sanderford reports: Nebraska on Monday became the first state to sue Tennessee-based Change Healthcare over the company’s massive data breach that cost at least 575,000 Nebraskans their personal information and medical records. … The breach was blamed on a low-level employee who had his or her login credentials hacked. Nebraska Attorney General Mike Hilgers…
Aimee Ortiz reports: The personal and private information of possibly hundreds of thousands of people who applied for government assistance in Rhode Island could be in the hands of hackers after a huge cyberattack, state officials said on Friday. The cybercriminals said to be behind the attack threatened to release the data unless they received…
Jeremiah Fowler discovered a non-password-protected database that contained more than 4.8 million records belonging to Care1 — a Canadian company offering AI software solutions to support optometrists in delivering enhanced patient care: The publicly exposed database was not password-protected or encrypted. It contained over 4.8 million documents with a total size of 2.2 TB. In a…
A press release from Dutch Politie: Starting this week, law enforcement agencies from fifteen different countries, together with Europol, are once again taking large-scale action against DDoS-for-hire services. In Operation PowerOFF, three arrests were made internationally, 27 websites were taken offline and data from three servers was secured. The Dutch police, under the authority of…
The following announcement by HHS OCR stems from an accidental exposure of protected health information online that continued for several years. Inmediata’s incident resulted in a class action lawsuit that was settled for $1.1 million in 2022, and a settlement with 33 states for $1.14 million in 2023. HHS seems to be the first to…