Nihal Krishan reports: The U.S. Department of Veterans Affairs has admitted that it failed to adequately protect COVID-19 vaccination status data for about 500,000 of its employees. Following an internal investigation by the VA’s Data Breach Response Service, the agency removed a spreadsheet containing personal details including vaccination status, according to a notice sent to the agency’s…
Category: U.S.
Rackspace rocked by ‘security incident’ that has taken out some hosted Exchange services
Simon Sharwood reports: Some of Rackspace’s hosted Microsoft Exchange services have been taken down by what the company has described as a “security incident”. The company’s most recent incident report at the time of writing, time-stamped 01:57 Eastern Time on December 3rd, offers the following information. […] Rackspace has no idea when it will be able…
Florida state tax website bug exposed filers’ data
Zack Whittaker reports: A security flaw on the Florida Department of Revenue website exposed at least hundreds of taxpayers’ Social Security numbers and bank account numbers, a security researcher found. Kamran Mohsin said the security flaw — now fixed — allowed him, or anyone else who was logged in to the state’s business tax registration website,…
‘We weren’t ready’ — Inside St. Michael Medical Center during October cyberattack outages
Nathan Pilling reports: In early October, a fresh batch of troubles arrived at St. Michael Medical Center. They would first be linked to an “IT security incident.” It would eventually be acknowledged by the hospital’s parent organization, CommonSpirit Health – one of the largest nonprofit health care systems in the country – that the group…
‘Cybersecurity incident’ hits San Diego Unified computer network
Not much in the way of details but City News reports: The offices of San Diego Unified School District have experienced a computer-network security breach, SDUSD officials disclosed this week. District Superintendent Lamont Jackson on Thursday sent a letter to his staff and families of students attending SDUSD campuses to apprise them of what he…
Little Rock School District reports data security incident
Little Rock School District has created a web page about a data security incident detected on Nov. 11. They do not call it ransomware and make no mention of any ransom demand. The only thing they seem to be confident of at this point is that at least some data was exfiltrated, but they say…