Kyra Gurney reports: Two months before the U.S. presidential election, international hackers slipped into the computer systems of at least four Florida school district networks in the hopes of stealing the personal data of hundreds of thousands of students. They infected the systems with malware — malicious software — that turned off the logs recording…
Category: Of Note
NYS settles with CoPilot Provider Services over delayed breach notification to 220,000 patients
There’s a follow-up to an incident reported by DataBreaches.net in January and February involving CoPilot Provider Services. As I had reported in January, CoPilot took more than one year to notify individuals of a breach involving their web site, and would not answer any questions as to why it took so long. As I subsequently…
HospitalGown Database Leak: Enterprise Apps Found Leaking Data On Back End Servers
AJ Dellinger reports: Mobile apps for enterprise services that manage data are leaving massive troves of user information exposed and unprotected on backend servers, according to a group of security researchers. Experts at Appthority, a mobile security firm, published a report that showed 43 terabytes of data from enterprise apps left exposed. The information was…
Anthem, AmEx, PayPal, Must Face ID Theft Suit in Calif.
Jimmy H. Koo reports: Health insurance, financial services, and payment card companies failed to keep a California attorney’s identify theft lawsuit in federal court and must face the allegations back in state court, the U.S. District Court for the Northern District of California held May 31 ( Gallo v. Unknown No. of Identity Thieves ,…
Has Booz Allen Hamilton had yet another serious and embarrassing data leak?
So while I was busy trying to get from there to here, UpGuard’s new site, Cyber Resilience, released its first blockbuster report: In what constitutes the latest in a series of blows to the US intelligence community’s reputation for stringent information security, UpGuard’s Cyber Resilience Team can now reveal the discovery by Cyber Risk Analyst…
The Computer Fraud and Abuse Act Will Need To Wait Another Day In New York’s Commercial Division
Justice Shirley Kornreich recently issued one of the few New York state court decisions that address the Computer Fraud and Abuse Act (“CFAA”). Spec Simple, Inc. v. Designer Pages Online LLC, No. 651860/2015, 2017 BL 160865 (N.Y. Sup. Ct. May 10, 2017). The CFAA criminalizes both accessing a computer without authorization and exceeding authorized access…