Nicole Della Ragione and Leora F. Ardizzone report: While data breaches at Equifax, Yahoo, Anthem and Target have made the national news, data breaches at school districts are not as widely publicized. Schools are a treasure trove of children’s personally identifiable information (PII) (e.g., name, address, Social Security number) and protected health information (PHI), as…
Category: Of Note
Amazon Releases New Guidance on AWS and FERPA
Dian Schaffhauser reports: More than two years after issuing guidance on FERPA compliance and Amazon Web Services, Amazon has updated the whitepaper to lay out the company’s “shared responsibility model” and provide specific guidance on 24 different AWS services. The Family Educational Rights and Privacy Act, in general, calls for schools and agencies to “reasonably…
Germany admits hackers infiltrated federal ministries, Russian group suspected
DW reports: The German government confirmed on Wednesday that it had suffered a large cyberattack that infiltrated federal computer networks. Citing anonymous sources, German news agency dpa had earlier reported that the Russian hacking group APT28 had placed malware in a government network and infiltrated the Foreign and Defense Ministries. The sources said the malware could have…
Mercy Health Love County Hospital and Clinic notifies patients about unaccounted-for computers
Mercy Health Love County Hospital and Clinic in Oklahoma appears to be having a rough year with breaches and notifications. As previously reported on this site, last summer they had an incident involving medical records being stolen for identity theft. They disclosed that incident in July, and in September, 2017, they reported it to HHS….
Nuance says NotPetya attack led to $98 million in lost revenue
Steve Ragan reports: Nuance Communications, a software company that offers speech and imaging technology to a number of markets, including healthcare and finance, said the 2017 NotPetya malware attacks caused the company to lose $98 million in revenue, and that number is expected to grow as they push forward into 2018. The NotPetya disclosure was…
Arkansas Man Sentenced to Prison for Developing and Distributing Prolific Malware
February 23 – An Arkansas man was sentenced today to 33 months in prison for aiding and abetting computer intrusions by selling malicious software, or “malware,” to individuals who used the malware to steal sensitive information, surreptitiously activate webcams, and conduct other illegal intrusions. Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal…