Lawrence Abrams reports: FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and…
Category: Of Note
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
A hack and extortion attempt involving the psychotherapy center in Vastaamo, Finland was — and remains — one of the worst breaches ever covered on PogoWasRight.org and DataBreaches.net because it involved the sensitive mental health information of tens of thousands of patients and a coverup by an executive of the clinic. Now EDPB has posted…
Russian national named in $82M hacking scheme denied bail
AP reports: A Russian millionaire who U.S. authorities allege participated in a scheme to steal information on computer networks and use it for insider trading, illegally bringing in tens of millions of dollars, was denied bail Wednesday. Vladislav Klyushin, 41, who works for an information technology company with ties to the upper levels of the…
FTC warns companies to remediate Log4j security vulnerability
Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a serious vulnerability in the popular Java logging package, Log4j (CVE-2021-44228) was disclosed, posing a severe risk to millions of consumer products to enterprise software and web applications. This vulnerability is…
Fired University of Utah researcher exposes breaches in student data
Chris Jones and Nadia Pflaum of KUTV report: Dr. Judith Zimmerman knew she was fired for doing the right thing. She was the lead investigator on a research project on autism in children, which she spearheaded at the Utah Department of Health. She brought that project, and a very sensitive database of data, to the…