WGRZ reports: Independent Health said Friday that the names, member ID numbers and medical information for over 500 Williamsville School District employees were accidentally released to stop loss carriers and brokers. The inadvertent breach took place between August 2019 and August 2021 and was discovered during a regular safety and security review. It did not…
Category: Subcontractor
NJ: Acting AG Bruck Announces Settlement with Fertility Clinic over Cybersecurity Lapses and Data Breach
There’s an update to a 2017 breach affecting patients of Diamond Institute for Infertility and Menopause. At the time, they reported a hack of a third-party server that impacted more than 14,000 patients. Today, the state of New Jersey announced a settlement in their enforcement action against the entity: NEWARK – Acting Attorney General Andrew J….
Data Hack Hits Alumni of Harvard-Westlake Private School
Gary Baum reports: Students’ confidential academic files were hacked and exposed at Los Angeles private school Harvard-Westlake. Archived SAT scores, GPAs, transcripts and college recommendation letters were downloaded, then sent to a group of parents and the school newspaper, as well as The Hollywood Reporter. The materials encompass approximately 150 alumni who graduated over the past…
English High Court Clarifies Appropriate Causes of Action in Data Claim Where Defendant Was a Victim of Third-Party Cyber-Attack
Steven Baker, Vishnu V. Shankar, and Julia Bihary of Proskauer write: In the recent and significant Warren v DSG Retail Ltd [2021] EWHC 2168 (QB) decision the High Court in England clarified the limited circumstances in which claims for breach of confidence, misuse of private information and the tort of negligence might be advanced by individuals for…
Hackers May Have Had Access to Billions of Texts for Years, Global Telecom Company Admit
Katherine Fung reports: A global telecommunications company has admitted that hackers may have had access to billions of text messages from potentially millions of cellphone users for years. Syniverse, which is part of the infrastructure used by AT&T, T-Mobile, Verizon and Vodafone among others, revealed that an unknown “individual or organization gained unauthorized access to…
Millions of South Africans caught up in security incident after debt recovery firm suffers ‘significant data breach’
Jessica Haworth has more details on a breach previously reported on this site. More than a million South African citizens have potentially had their personal data exposed after a ransomware attack at a debt recovery services firm. The company in question, Debt-IN Consultants, confirmed this week (September 22) that it had been the victim of a cyber-attack which resulted in a…