Marianne Kolbasuk McGee reports: A hacking incident at a New York-based administrative services firm has resulted in a growing list of anesthesiology practices reporting breaches that so far have affected the personal information of about 430,000 people. Somnia Inc., in Harrison, New York, is a physician-owned anesthesia management services firm that also appears to have…
Category: U.S.
A state-appointed receiver is investigating a phishing scam that drained $400K from Chester’s coffers
Vinny Vella reports: A phishing scam siphoned more than $400,000 from Chester in June, and the state-appointed receiver who is handling the beleaguered city’s finances wants to know why his office wasn’t notified until two weeks ago. In a memo sent to Mayor Thaddeus Kirkland and Chester’s city council on Monday, Michael T. Doweary said…
SolarWinds reaches $26m settlement with shareholders, expects SEC action
Jessica Lyons Hardcastle reports: SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit, and it’s also expecting to be slapped with an enforcement action by Uncle Sam – both related to its infamous 2020 supply chain security fiasco, according to the software maker’s most recent US regulatory filing. At the end of…
LinkedIn Scores Partial Win in Long-Running Data Scraping Feud
Andrea Vittorio reports: A workforce analytics firm breached LinkedIn Corp.‘s user agreement by scraping data and using fake accounts to fuel its now-defunct business, a federal court in San Francisco ruled in a lengthy dispute that’s on a path to trial. The ruling, made public Friday, represents a partial win for LinkedIn in a case that…
CT: Brookfield admits ‘blackout pen’ error led to sharing of special education students’ information
Trevor Ballantyne reports: School officials this week acknowledged a failure to properly redact personally identifiable information linked to students receiving special education services from the school district. According to emails obtained by The News-Times, parents accused the district of violating privacy protections laid out under the U.S. Family Education Rights and Privacy Act, or FERPA,…
AstraZeneca password lapse exposed patient data
Here’s today’s example of “No Need to Hack When It’s Leaking.” Zack Whittaker reports: Pharmaceutical giant AstraZeneca has blamed “user error” for leaving a list of credentials online for more than a year that exposed access to sensitive patient data. Mossab Hussein, chief security officer at cybersecurity startup SpiderSilk, told TechCrunch that a developer left the…