John Bresnahan, Anna Palmer, and Jake Sherman report that iConstituent, a vendor providing an e-newsletter system used by many members of Congress for constituent outreach, was the victim of a ransomware attack. The attack has reportedly impacted approximately 60 members of the House from both parties, who have been unable to retrieve constituent information for…
Category: Subcontractor
Au: NSW Health confirms data breached due to Accellion breach
Asha Barbaschow reports: “Following the NSW government’s advice earlier this year around a world-wide cyber attack that included NSW government agencies, NSW Health is notifying people whose data may have been accessed in the global Accellion cyber attack,” it said in a statement. The state entity said medical records in public hospitals were not affected…
BioTel Heart Notice of Breach of Personal Information
Cardiac biotelemetry firm BioTel seems to be issuing public notices about a data leak incident first reported on this site in August, 2020. The data were only secured when Amazon was contacted by a researcher and asked to reach out to their customer to secure the data. Neither BioTel nor its vendor had responded to…
Tokyo Games organizers hit by data breach and info leak
Kyodo News reports: The organizing committee for the Tokyo Olympics has become the latest to be hit by a data breach through unauthorized access to an information-sharing tool developed by Fujitsu Ltd., sources familiar with the matter said Friday. Personal information was leaked from a total of about 170 people who are involved in security…
UMD-Baltimore updates Accellion breach notification after finding PII and PHI involved
On April 1, DataBreaches.net reported that the University of Maryland, Baltimore was one of the educational entities impacted by the CLOP hack and exfiltration of Accellion client data, but that neither UMD nor Accellion even knew that until the last week in March. This week, the university issued an updated press release that reveals that…
Caravus impacted by Netgain Technology breach because vendor failure to destroy legacy data
I’ve continued to add updates to a post about the Netgain Technology breach. Keep in mind that the ransomware incident occurred in November, 2020, and since January, we have seen entities disclosing the incident. But one disclosure today is somewhat frustrating to read — and not just for the delay in notification, but for the…