NL Times reports: The Dutch data protection authority AP is investigating whether health service GGD is complying with privacy rules with its coronavirus test line, the call center where Netherlands residents can book a Covid-19 test and which calls with their results. This follows stories of former employees still having access to personal data, even…
Category: Subcontractor
A prison video visitation service exposed private calls between inmates and their attorneys
Zack Whittaker reports: Fearing the spread of coronavirus, jails and prisons remain on lockdown. Visitors are unable to see their loved ones serving time, forcing friends and families to use prohibitively expensive video visitation services that often don’t work. But now the security and privacy of these systems are under scrutiny after one St Louis-based prison video visitation provider…
UK: Wisepay: School payments service hit by cyber-attack
BBC reports: Parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised. Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page. Attempted payments to about 300…
Medical data of 150 Toronto hospital patients allegedly used to extort money from company
Katherine DeClerq reports: A Toronto hospital says that roughly 150 patients have been impacted by a data breach after a third-party employee allegedly stole medical reports in an effort to extort money from their company after being let go. According to a letter sent on Sept. 30 by a privacy and information access specialist at Unity…
Blackbaud Data Breach: Non-Profit Foundations (Part One)
Marco A. De Felice aka @amvinfe has begun a series of articles on the Blackbaud breach. He begins with Blackbaud’s initially inaccurate claims that no Social Security numbers, bank account data, or sensitive details had been accessed and exfiltrated. As most people know by now, Blackbaud had to issue an update to its original notification,…
University Hospital Limerick writing to 630 patients after alleged major data breach which saw information posted on Twitter
David Raleigh reports: University Hospital Limerick (UHL) is in the process of sending letters to over 600 patients following an alleged major data breach concerning patient data, including details of 95 children, which was then posted on social media. Gardaí have also been informed of the alleged breach by a non-HSE employee. It’s alleged the…