Remember the Advanced Data Processing/Intermedix insider breach of 2012 where a rogue employee provided ambulance patient identity information to others involved in a tax refund fraud scheme? I had covered it on PHIprivacy.net (cf here and here for just two of the posts) and also on this site (cf, this post). In reporting on the breach, one of the…
Category: Of Note
UPDATE: Russia thought to be behind attack on Pentagon Joint Chief of Staff email system
Courtney Kube and Jim Miklaszewski report: U.S. officials tell NBC News that Russia launched a “sophisticated cyberattack” against the Pentagon’s Joint Staff unclassified email system, which has been shut down and taken offline for nearly two weeks. According to the officials, the “sophisticated cyber intrusion” occurred sometime around July 25 and affected some 4,000 military…
Little progress made in FOIA lawsuit against FTC over data security standards
On May 14, I noted an article in Legal Times about a FOIA lawsuit filed by Philip Reitinger against the FTC. Reitinger sued the FTC after it returned no responsive documents to his FOIA request of November, 2014. Reitinger originally sought: Any and all documents including memoranda, communications, decisions, deliberations, and analyses regarding standards, guidelines, or…
Internet firms to be subject to new cybersecurity rules in EU
Julia Fioretti reports: Internet firms such as Cisco, Google and Amazon will be subject to a new EU cybersecurity law forcing them to adopt tough security measures and possibly report serious breaches to national authorities, according to a document seen by Reuters. The so-called Network and Information Security Directive has been stuck in talks between…
Joint Chiefs’ email network breach was “most sophisticated” cyberbreach in US military history (UPDATE 1)
On July 28, CNN reported: The unclassified email network used by Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, and hundreds of military and civilian personnel was taken offline over the weekend after suspicious activity was detected, the Pentagon confirmed to CNN on Tuesday. Yesterday, The Daily Beast reported that the attack was much…
UK: ICO issues £180,000 civil monetary penalty in wake of data breaches
The Information Commissioner’s Office (ICO) has issued civil monetary penalty (CMP) of £180,000 to the Money Shop in the wake of two incidents in 2014 that led to a fuller investigation of the Money Shop’s data protection policies and procedures. As described in the notice, on April 16, 2014, a Money Shop store in Lurgan, Northern Ireland was…