On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California. Quantum describes the files as involving information of county clients and employees: Financial information, budgets, fiscal docs, contracts, HR data, resumes, payrolls, clients personal data, scans ID, scans SSN, personal info, scans…
Category: U.S.
Vermont Enacts Insurance Data Security Law
Hunton Andrews Kurth writes: On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). The Vermont Insurance Data Security Law applies to “licensees”—those licensed, authorized to operate or registered, and those required to be…
District 207 Approves Cybersecurity Contract In Wake Of Attempted Breach
Igor Studenkov reports: Maine Township High School Dist. 207 Board of Education voted unanimously on Monday (June 6) to award a one-year cybersecurity contract to the company that helped the district prevent a security breach a few weeks earlier. The district considered bids from seven vendors. When one of the bidders, Texas-based Crowdstrike, was demonstrating…
Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care
Yesterday, Hive threat actors added Goodman Campbell Brain and Spine to their leak site, with a notice that they had encrypted the entity on May 20. They also provided some files as proof. But if Hive hoped this would pressure the multi-location medical entity, they seem to have misjudged their Indiana-based victim. On the homepage…
This is (One of Many Reasons) Why Districts Get Hit with Ransomware
Bill Fitzgerald writes: Even the smallest of school districts are complicated places. Communicating with stakeholders is hard to do well, and getting the details right is imperative. The details become even more important when school boards and superintendents try and communicate about school safety issues. When communication is done well, is not rushed, and goes…
Pennsylvania lawmakers consider requiring government data breach notifications
WHTM reports: Pennsylvania Senator Kristin Phillips, who chairs the technology committee, held a hearing on June 7 about a proposal to require prompt disclosure whenever there is a data breach within the state government. In her opinion, the state should have revealed the unemployment and contact tracing breaches that took place. “Citizens are tired of…