AnnaMaria Andriotis reports: Equifax is nearing a deal to settle a slew of state and federal investigations into a 2017 data breach that exposed nearly 150 million Americans’ Social Security numbers and other sensitive personal information. Under the agreement, the credit-reporting firm would pay around $700 million to settle with the Federal Trade Commission, the…
Category: Of Note
Hackers breach 62 US colleges by exploiting ERP vulnerability
Catalin Cimpanu reports: Hackers have breached the systems of 62 colleges and universities by exploiting a vulnerability in an enterprise resource planning (ERP) web app, the US Department of Education said in a security alert sent out this week. The vulnerability is in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP that…
UK: Former motor industry worker ordered to pay £25,500 from proceeds of data theft
A motor industry employee who was sentenced to six months in prison in November 2018 for accessing personal data without permission, has been ordered to pay a £25,500 confiscation order in a case brought by the Information Commissioner’s Office (ICO). Following a hearing at Wood Green Crown Court, London on 15 July, the judge determined…
HIPAA nightmare: An IT vendor’s error left more than 300,000 files with protected health information exposed
Medico, Inc.’s IT vendor’s error left at least two Amazon buckets unsecured More than 300,000 files contained protected health information related to patient billing, complete with insurance information and treatment codes Leaks were independently discovered by at least three researchers using different search methods It’s been a rough few months in terms of business associates…
Hacker steals data of millions of Bulgarians, emails it to local media
Catalin Cimpanu reports: A mysterious hacker (or hacker group) has stolen the personal details of millions of Bulgarians and has emailed download links to the stolen data to local news publications. The data’s origin is believed to be the country’s National Revenue Agency (NRA), a department of the Bulgarian Ministry of Finance. In a message…
Hospital fined €460,000 for privacy breaches after Barbie case
DutchNews.nl reports: The Haga hospital in The Hague has been fined €460,000 for poor patient file security, after it emerged a tv reality soap star’s medical records had been accessed by dozens of unauthorised members of staff. The Dutch privacy watchdog Authoriteit Persoonsgegevens said its research showed patient records at the hospital are still not…