Arshad Mohammed and Joseph Menn report: When a retired 51-year-old military man disclosed in a U.S. security clearance application that he had a 20-year affair with his former college roommate’s wife, it was supposed to remain a secret between him and the government. The disclosure last week that hackers had penetrated a database containing such…
Category: Of Note
Private medical data of 6,600 Texans was exposed on Internet for up to 8 years
J. David McSwane reports: Confidential medical records of more than 6,600 Medicaid patients in Texas were unintentionally made public for up to 8 years via the Internet by the Department of Aging and Disability Services. The agency, which is charged with assisting some of the state’s most vulnerable people, became aware of the breach in…
Missing Link Network breach affects winery clients (update3)
Missing Link Network, the e-commerce provider for a number of wineries, notified its clients on May 27th of a breach that occurred between April 1 and April 30. The breach resulted in the attacker gaining access to customers’ names, addresses, dates of birth, and payment card data. Affected clients include (links go to their notification…
Cardinals Face F.B.I. Inquiry in Hacking of Astros’ Network
Michael S. Schmidt reports: The F.B.I. and Justice Department prosecutors are investigating whether front-office officials for the St. Louis Cardinals, one of the most successful teams in baseball over the past two decades, hacked into internal networks of a rival team to steal closely guarded information about player personnel. Investigators have uncovered evidence that Cardinals…
Abandoned autopsy lab in Tobolsk, Siberia still has medical records, human remains
This is a somewhat bizarre – and disturbing – breach involving medical records and human remains. Police have launched an investigation after an abandoned autopsy laboratory containing mummified baby remains was discovered in a park. The gruesome facility in Tobolsk, which may have been used as recently three years ago, was stumbled across by a…
After breaches, higher-ed schools adopt two-factor authentication
Ann Bednarz reports: Payday didn’t go as planned on January 2, 2014, for some Boston University employees. On that day, about a dozen faculty members discovered their paychecks hadn’t been deposited into their bank accounts. Thieves had changed the victims’ direct deposit information and rerouted their pay. BU’s IT security team traced the attack to a phishing…