One month after first detecting a problem, Boston law firm Taylor, Ganson & Perrin LLP is providing notice of a data security breach. Like many law firms who have experienced breaches, clients’ medical information and what might be protected health information may have been accessed or acquired by the unnamed threat actor(s), but whether it…
Category: U.S.
Report: Missouri Governor’s Office Responsible for Teacher Data Leak
Brian Krebs reports on a follow-up to the case of Missouri’s Governor Parsons tried to sue a journalist and others who had responsibly disclosed and reported on a data leak by the state. The data leak first came to public attention in October, 2021 when Josh Renaud reported on the exposure and the steps the…
Michigan Medicine notifies 269 patients after discovering a snooping employee
Here’s a good example of how monitoring and logs can detect a problem and prevent even more problems. Michigan Medicine detected an employee accessing patient records without legitimate need. The improper access began in December, 2021, and continued until it was caught by monitoring on January 25, 2022. Access was cut off on January 27…
Allen ISD cybersecurity update: personal information of more than 500 employees hacked in September 2021
Jay Wallis provides an update on the Allen ISD ransomware incident first reported by the district in September. Part of the district’s newly revealed findings: According to the investigation, there is no evidence that any unauthorized user got into Allen ISD’s databases, including the Student Information and Financial databases. District officials said they determined that…
NC: Charlotte Radiology notifies patients of December security incident
Joe Marusak reports: A prominent Charlotte medical services provider experienced a recent weeklong data breach in which some patient information was stolen, “including a very limited number of patients’ Social Security numbers,” company officials said Friday. In a statement, Charlotte Radiology officials said they found no evidence of “fraud or misuse” as a result of…
Sea Mar Community Health Centers Hit with Class Action Suits Over 2021 Data Breach
Kendal Enz reports: Sea Mar Community Health Centers is facing numerous class action complaints for alleged inadequate cyber security procedures that resulted in a data breach of more than 650,000 class members’ sensitive information. The complaints, which were filed in November 2021 in King County Superior Court, were removed to Washington’s Western District Court this…