Daily Journal reports: The Mississippi Education Department’s assessment vendor, Questar Assessment, Inc., reported today that 562 students in the Tupelo Public School District were impacted by the data breach the company discovered last week. Questar’s preliminary analysis found that an unauthorized user viewed student assessment records between Dec. 31, 2017 and Jan. 1 from Tupelo…
Category: Subcontractor
Mississippi student data accessed in Questar testing-vendor breach
Bracey Harris reports: Mississippi education officials were unable to say Friday how many students’ personal information might have been obtained in the wake of a data breach at Questar one of the state’s testing vendors. The Mississippi Department of Education said in a statement Friday that an unauthorized user accessed the information of two districts…
New York State Education Department Announces Breach of Data Held by Vendor Questar
Jan. 18 -State Education Department Announces Breach of Data Held by Vendor Questar The State Education Department’s grades 3-8 assessment vendor, Questar Assessment, Inc., experienced a data breach affecting a small number of students registered for computer-based testing (CBT) in spring 2017, Commissioner MaryEllen Elia announced today. Questar reported that its preliminary analysis shows 52…
Medical records from defunct spa and wellness centers found dumped in New Bedford
Ashley Cullinane reports: Medical records were found dumped in New Bedford, sparking concern in the community. Private information like social security numbers and licenses are printed in the files, New Bedford Live reported. The records belonged to MD Medical Spa and Wellness Center in Hyannis and Norwell, Massachusetts. The facilities shut down in 2016. Read…
Website operators are in the dark about privacy violations by third-party scripts
by Steven Englehardt, Gunes Acar, and Arvind Narayanan Recently we revealed that “session replay” scripts on websites record everything you do, like someone looking over your shoulder, and send it to third-party servers. This en-masse data exfiltration inevitably scoops up sensitive, personal information — in real time, as you type it. We released the data…
Federal Appeals Court Slams Data Breach Privilege Claim
Craig A. Newman writes: In the most recent object lesson in a data breach privilege case, a federal appeals court has ordered a Michigan-based mortgage lender to turn over privileged forensic investigatory documents after the investigator’s conclusions were revealed in discovery. Background. In the case, Leibovic v. United Shore Financial Services, LLC, et al, No. 17-2290,…