Paul Bischoff reports: An exposed online database consisting of some 200 million records included a wide range of sensitive personal and demographic data about residents and their properties. Homeowners were identified as well as info about their credit ratings, net worth, and income, among other details. At this time we have not been able to…
Category: Of Note
Ransomware Attackers Use Your Cloud Backups Against You
Lawrence Abrams reports: Backups are one the most, if not the most, important defense against ransomware, but if not configured properly, attackers will use it against you. Recently the DoppelPaymer Ransomware operators published on their leak site the Admin user name and password for a non-paying victim’s Veeam backup software This was not meant to expose the…
MO: Judge orders Jefferson City School District to rehire fired administrator
Matthew Sanders Joe McLean report that a court has sided with a former school district employee who had been fired for transferring student files to her personal computer. A judge ruled this week that the Jefferson City School District illegally fired an administrator who transferred work files to her personal computer. Cole County Circuit Judge…
UK: Cathay Pacific Airways Limited fined £500,000 for failing to secure its customers’ personal data
From the ICO: The Information Commissioner’s Office (ICO) has fined Cathay Pacific Airways Limited £500,000 for failing to protect the security of its customers’ personal data. Between October 2014 and May 2018 Cathay Pacific’s computer systems lacked appropriate security measures which led to customers’ personal details being exposed, 111,578 of whom were from the UK, and…
OCR settles complaint against doctor for failure to have appropriate risk assessment and security controls, despite technical assistance
OCR has settled a complaint against a covered entity for violations that first occurred prior to November, 2013, but continued thereafter. Yes, 2013. That’s when Steven A. Porter, M.D., first reported a breach to OCR that involved his business associate Elevation43. According to the complaint Porter filed at the time, and as described by OCR,…
French Firms Rocked by Kasbah Hacker?
Brian Krebs reports: A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and…