If there is a Keystone Cops equivalent of a k-12 data breach, a recent incident involving Chicago Public Schools may be a strong contender. Last week, this site noted a breach that seemed puzzling in its description. Since that time, some informed parents have reached out to me to provide me with more details about…
Category: Of Note
All members of Rex Mundi have now been arrested – Europol report
I haven’t posted anything new about Rex Mundi since 2016, but I’ve continued to compile information on them, in part because their use of the extortion model predated the same approach by TheDarkOverlord. But now it appears that all eight members of Rex Mundi have been arrested in a series of arrests beginning in June,…
Data breach litigation against optometry board revived
Judy Greenwald reports: A federal appeals court has overturned a lower court ruling and reinstated putative class action data breach litigation against the National Board of Examiners in Optometry Inc. The 4th U.S. Circuit Court of Appeals in Richmond, Virginia, said in Tuesday’s ruling in Rhonda L. Hutton et al. v. National Board of Examiners…
Canada Revenue Agency logs 2,338 privacy breaches in just under 2 years
Monique Scotti reports: The personal, confidential information of over 80,000 individual Canadians held by the Canada Revenue Agency may have been accessed without authorization over the last 21 months, according to government documents made public last week. But while the number of potential privacy breaches may be eye-popping, the CRA is downplaying the seriousness of…
UK: Gloucestershire Police fined for revealing identities of abuse victims in bcc email gaffe
The Information Commissioner’s Office has really been busy handing out fines. Have you seen any monetary penalties imposed by regulators on police departments here in the U.S.? No, you haven’t, right? Gloucestershire Police has been fined £80,000 by the Information Commissioner’s Office (ICO) after sending a bulk email that identified victims of non-recent child abuse….
Yahoo! UK fined £250,000 by ICO after systemic failures put customer data at risk
From the ICO’s office: Yahoo! UK Services Limited has been fined £250,000 by the Information Commissioner’s Office (ICO) following a cyber-attack in November 2014. The incident was publicly disclosed in September 2016, almost two years after it had taken place. Because of when the breach happened, the ICO’s investigation was carried out under the Data…