Katie Lannan reports: A compromise bill filed Tuesday by a House-Senate conference committee would afford Massachusetts residents a year and a half of free credit monitoring services if their personal data and Social Security number are compromised by a data security breach. The panel, chaired by Rep. Tackey Chan and Sen. Barbara L’Italien, filed its…
Category: Of Note
Thousands of Medical Records Left Unsecured–So Who’s Investigating?
A news report from a few days ago is actually a good example of the frustration some experience with OCR investigation of breaches. TL;DR version: a breach was reported by the media in March, 2017. This site also noted it. But now, more than one year later, there have been no consequences for the entity,…
Vietnam’s New Cybersecurity Law and Push for Internet Sovereignty Reduces Freedom
Scott Ikeda reports: On June 12th the Vietnamese National Assembly voted in a new cybersecurity law. The legislation did not come easily having gone through more than 12 drafts and much debate in government and the business sector. The claimed purposes of the legislation are to increase Vietnam’s Internet sovereignty, that is the data of…
Samsam infected thousands of LabCorp systems via brute force RDP
Steve Ragan reports: LabCorp, one of the largest clinical labs in the U.S., said the Samsam ransomware attack that forced their systems offline was contained quickly and didn’t result in a data breach. However, in the brief time between detection and mitigation, the ransomware was able to encrypt thousands of systems and several hundred production…
UK: Independent Inquiry into Child Sexual Abuse fined £200,000 for revealing identities of possible abuse victims in mass email
From the Information Commissioner’s Office, this press release: The Independent Inquiry into Child Sexual Abuse (IICSA) has been fined £200,000 by the Information Commissioner’s Office(ICO) after sending a bulk email that identified possible victims of non-recent child sexual abuse. The Inquiry, set up in 2014 to investigate the extent to which institutions failed to protect…
Thousands of patient records held for ransom in Ontario home care data breach, attackers claim
Matthew Braga, Lori Ward, Andrew Culbert report: The detailed medical histories and contact information of possibly tens of thousands of home-care patients in Ontario are allegedly being held for ransom by thieves who recently raided the computer systems of a health-care provider. CarePartners, which provides home medical care services on behalf of the Ontario government,…