Jesse Leavenworth reports: A Glastonbury-based company that hosts thousands of school websites in Connecticut and across the nation continued to recover Monday from a ransomware attack launched last week. “We still have no evidence that any data has been viewed, compromised or extracted,” Finalsite spokeswoman Morgan Delack said. Finalsite has identified the cyber attacker and…
Category: Subcontractor
The Impact of Data Security Incident Trends on Commercial Transactions: Part III – Vendor Agreement Resolutions for 2022
Craig Carpenter and Erika Vela of BakerHostetler write: As the BakerHostetler Digital Risk Advisory and Cybersecurity team wraps up the 2022 edition of annual Data Security Incident Response (DSIR) Report, we take one last look at the findings in the 2021 edition of the report to prepare our New Year’s resolutions of a data privacy and security attorney for…
FinalSite ransomware attack shuts down thousands of school websites
Lawrence Abrams reports: FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and…
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…
UVA Health notified patients after Ciox Health data breach (updated)
Someone on Twitter asked me what the first breach of 2022 would be. The following public notice is not the first breach of 2022. It is a 2021 breach that just showed up after midnight in my news search this morning. And because it involves a third-party breach, we may see other covered entities affected,…
Vendor hack slows NJ state agency’s ability to print documents
101.5 reports: Receiving a printed state document could prove to be a challenge because of an issue with the vendor used by the state. The state office of Office of Information Technology, which facilitates the service, said vendor R.R. Donnelley & Sons identified a “systems intrusion in its technical environment” and responded by shutting down…