Steve Rogers reports: Some current and former Lexington city employees’ personal information was put at risk when a third-party contractor’s e-mail server was hacked in July. The city was notified on Sept. 28 of the security incident by Metaformers Inc., the third-party contractor working on city technology projects, the city said in a release. Read…
Category: Subcontractor
Data leak at Covid testing call center under investigation
NL Times reports: The Dutch data protection authority AP is investigating whether health service GGD is complying with privacy rules with its coronavirus test line, the call center where Netherlands residents can book a Covid-19 test and which calls with their results. This follows stories of former employees still having access to personal data, even…
A prison video visitation service exposed private calls between inmates and their attorneys
Zack Whittaker reports: Fearing the spread of coronavirus, jails and prisons remain on lockdown. Visitors are unable to see their loved ones serving time, forcing friends and families to use prohibitively expensive video visitation services that often don’t work. But now the security and privacy of these systems are under scrutiny after one St Louis-based prison video visitation provider…
UK: Wisepay: School payments service hit by cyber-attack
BBC reports: Parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised. Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page. Attempted payments to about 300…
Medical data of 150 Toronto hospital patients allegedly used to extort money from company
Katherine DeClerq reports: A Toronto hospital says that roughly 150 patients have been impacted by a data breach after a third-party employee allegedly stole medical reports in an effort to extort money from their company after being let go. According to a letter sent on Sept. 30 by a privacy and information access specialist at Unity…
Blackbaud Data Breach: Non-Profit Foundations (Part One)
Marco A. De Felice aka @amvinfe has begun a series of articles on the Blackbaud breach. He begins with Blackbaud’s initially inaccurate claims that no Social Security numbers, bank account data, or sensitive details had been accessed and exfiltrated. As most people know by now, Blackbaud had to issue an update to its original notification,…