In September, 2020 Fairfax County Public Schools in Virginia was hit with Maze ransomware.The attack was announced on Maze’s dedicated leak site in early September, and after multiple queries by this site, FCPS issued a statement confirming that they had been attacked. One month later, the threat actors started dumping some data on their leak…
Category: Of Note
Dozens of institutional abuse victims to sue over data breach
Claire Simpson reports an update to an email gaffe breach that I had characterized as one of the worst breaches in 2020. I had been somewhat surprised to later read that four out of five victims groups were backing Brendan McAllister. I am not surprised that at least some of those exposed by the breach…
The Jones Day dump contains prescription drug records. Who’s notifying those patients of the breach?
By now, many are aware that Jones Day, a giant law firm, had some of its files stolen due to vulnerabilities in the standalone file transfer administration system by Accellion. Jones Day is one of dozens of Accellion clients that have found themselves investigating and dealing with breaches affecting their businesses and clients. The Jones…
Et tu, Canada? Evidence of Harm Required To Advance Class Action Following Data Breach
Ranjan Agarwal, Keely Cameron, J. Sébastien A. Gittens, and Justin Lambert of Bennett Jones write: Court of Queen’s Bench of Alberta, in Setoguchi v Uber B.V., 2021 ABQB 18, recently dismissed an application for certification of a proposed class action resulting from a data breach because there was no evidence of harm or loss. This class…
Jamaica’s JamCOVID pulled offline after third security lapse exposed travelers’ data
Zack Whittaker reports: Jamaica’s JamCOVID app and website were taken offline late on Thursday following a third security lapse, which exposed quarantine orders on more than half a million travelers to the island. JamCOVID was set up last year to help the government process travelers arriving on the island. Quarantine orders are issued by the…
New tool reveals security and privacy issues with contact tracing apps
COVIDGuardian, the first automated security and privacy assessment tool, tests contact tracing apps for potential threats such as malware, embedded trackers and private information leakage. Using the COVIDGuardian tool, cybersecurity experts assessed 40 Covid-19 contact tracing apps that have been employed worldwide for potential privacy and security threats. Their findings include that: 72.5 per cent…