David Meyer reports: Ransomware hackers who breached the network of MTA timeclock provider Kronos made off with the personal information of several current and former Metro-North employees, transit leadership said Thursday. “Kronos recently informed us that some files containing personal information of some current and former MTA employees at one of our agencies – Metro-North Railroad –…
Category: Subcontractor
COVID testing appointment scheduling service discovers data breach
Jan. 13, 2022 /PRNewswire/ — On or around November 30, 2021, Practolytics LLC (“Practolytics”) learned that it experienced a data security incident. A client-generated report containing COVID testing appointment information, which would normally be deactivated following initial download, remained active. Upon discovery, Practolytics took immediate steps to deactivate and delete the download link to prevent further…
Connecticut company that hosts school websites recovering from ransomware attack
Jesse Leavenworth reports: A Glastonbury-based company that hosts thousands of school websites in Connecticut and across the nation continued to recover Monday from a ransomware attack launched last week. “We still have no evidence that any data has been viewed, compromised or extracted,” Finalsite spokeswoman Morgan Delack said. Finalsite has identified the cyber attacker and…
The Impact of Data Security Incident Trends on Commercial Transactions: Part III – Vendor Agreement Resolutions for 2022
Craig Carpenter and Erika Vela of BakerHostetler write: As the BakerHostetler Digital Risk Advisory and Cybersecurity team wraps up the 2022 edition of annual Data Security Incident Response (DSIR) Report, we take one last look at the findings in the 2021 edition of the report to prepare our New Year’s resolutions of a data privacy and security attorney for…
FinalSite ransomware attack shuts down thousands of school websites
Lawrence Abrams reports: FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and…
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…