From the Information Commissioner’s Office, an interesting report with data for Q1 of 2016/17 by sector and attack type. Not surprisingly, the greatest number of breaches were reported by the healthcare sector: Analysis of the types of health data security incidents revealed that the most common sources were errors involving paper records, such as mailing or faxing errors,…
Category: Of Note
Watchdog: IRS failed to notify over 1M people of identity theft
Naomi Jagoda reports: The Internal Revenue Service identified close to 1.1 million taxpayers who were victims of employment-related identity theft from 2011 through 2015, but almost none of the victims were informed, a Treasury Department watchdog found in a report made public this week. “Employment-related identity theft can cause significant burden to taxpayers, including the…
Appalachian Regional Hospitals on emergency operations plan; computers shut down after malware injection
Daniel Tyson reports: Appalachian Regional Hospitals in Beckley and Summers County computer systems were breached Saturday afternoon, but company officials were tight-lipped as to the extent or what information was seized by the hackers. The hospitals’ parent company, Appalachian Regional Healthcare, issued a two-paragraph statement that their hospitals in West Virginia and Kentucky are on…
Lewis-Palmer School District tries to downplay vulnerability and chill a concerned parent’s speech
Back in May and then again in July, I noted several articles about Lewis-Palmer School District 38 in Colorado. A parent had raised concerns about whether the Infinite Campus platform might have compromised more than 2,000 students’ personal and academic information. The parent also alleged that the district had known about the problem since September…
America’s Schools Have A Big Cybersecurity Problem
Jason Glassberg of Casaba Security writes: With the 2016-2017 school year already underway, it’s time to draw attention to an ongoing and very serious problem facing the US education system: our schools are ill-equipped to face the mounting threats posed by hackers. While the education system isn’t the worst US industry in terms of cybersecurity,…
Prosthetic & Orthotic Care patient info remains publicly exposed
First, a quick update on the Athens Orthopedic Clinic breach: It took two requests, but I’m pleased to report that Pastebin removed three pastes with over 1,350 patients’ information. Those pastes were separate from an earlier paste with an additional 500 patients’ information. News outlets that continue to report that 500 patients’ information was exposed and put up for sale are, to…