Beth Kassab and Leslie Postal report: The troubled Florida Virtual School should get a new governor-appointed board, new ethics standards for employees and a new inspector general inside the school to oversee internal audits and investigations, according to a report released Friday by the Florida Department of Education. And some of the criticism relates to…
Category: Subcontractor
More victims of yet another Click2Gov breach this week
Yet another report of a data breach involving Click2Gov software by Central Square Technology. Previous coverage of the publicly disclosed breaches from 2017, 2018, and 2019 are linked from here. Also see research reports by FireEye, Gemini Advisory, and RBS for additional background. The latest victim to come forward — at least the most recent…
Kroger reports ‘isolated incident’ involving pharmacy records
Jason Braverman reports: Kroger announced today that a box of pharmacy records was lost. They said in late July, a records management service, Retrievex, Inc., the company’s business associate, shipped a box of pharmacy records to the Woodstock Kroger via a third-party common carrier. Retrievex confirmed with the carrier that the box was lost in…
Ontario Science Centre data breach exposes 174,000 names, email addresses
David Rider reports: A summertime data breach exposed the names and email addresses of 174,000 Ontario Science Centre members, donors and others including customers for camps and birthday parties, the Star has learned. Campaigner, a company that does email blasts for the provincially owned tourist attraction, informed the science centre on Aug. 16 that “someone…
Senator Demands Review of How DHS Shares PII With Contractors
Akshaya Asokan reports: Sen. Maggie Hasan, D-N.H. is demanding that the U.S. Government Accountability Office review how the Department of Homeland Security shares personal data with third parties following several recent security incidents in which such information was exposed. In an Oct. 23 letter to the GAO, Hassan writes that recent “troubling” security incidents connected to…
Open wide and say, “Ugh, My Data!!!!!”
This is the story of how mapping and analysis of an open elastic search led to the discovery of a misconfigured Amazon s3 bucket that exposed data from hundreds of thousands of dental patients. If you live in Brazil, you may already be experiencing breach fatigue from having had so much of your personal and…