Joseph Pedrajas reports that there is an update to the alleged data breach that a Commission on Elections official called “fake news:” After about two months of investigation and various denials from different concerned agencies, lawmakers on Thursday, March 17 confirmed that there was “indeed a security breach” in the operations of the Commission on…
Category: Subcontractor
Comprehensive Health Services Pays False Claims Act Settlement Involving EMR Security
Marianne Kolbasuk McGee reports: A healthcare services contractor has agreed to pay a $933,000 settlement in a federal whistleblower case involving alleged false claims by the entity about the security of electronic medical records containing the information of military personnel, diplomats and contractors. The settlement is the first under the Department of Justice’s Civil Cyber-Fraud Initiative,…
State Bar Breach Exposed Thousands More Confidential Records Than Original Estimates, Investigation Shows
Alaina Lancaster reports: More than 60,000 additional confidential attorney discipline records were exposed in a data breach of the State Bar of California’s case management system, according to an ongoing investigation. The bar’s IT incident response team and a third-party forensic firm calculated that more than 322,525 confidential records were available during the leak, compared to…
Class action lawsuit against UKG over Kronos Private Cloud ransomware incident
A class action lawsuit has been filed in a California federal court against workplace management software company UKG Inc. UKG makes timekeeping and payroll management software and offers Kronos Private Cloud services. As a result of a ransomware attack in December, employees of the firm’s clients were not paid at all, were paid late, or…
Nespresso data leak in South Africa
Jan Vermeulen reports: South African Nespresso distributor Top Coffee has sent a notice to clients informing them that their names, phone numbers, and email addresses may have been leaked. According to the notice, the personal information may have been temporarily exposed through a third-party supplier. The distributor doesn’t believe that any customer financial information was…
Long delay before Cybersecurity NSW notified of Accellion hack
Anton Nilsson reports: NSW agencies may have delayed reporting a massive cyber attack to authorities for nearly a month, officials revealed on Monday. The breach of a software known as Accellion in December 2020 affected businesses and agencies worldwide, including Transport for NSW which had sensitive information stolen and posted on the dark web. Cybersecurity NSW…