Update and possible correction: this may be a different breach than the one first reported in February 2020. The post below has been edited to reflect that while I attempt to verify if this was a second incident or not. Yesterday, AIU issued a press release about an incident they say they discovered in January…
Category: U.S.
FL: TGH Urgent Care says data breach may have impacted 558 patients
WTSP reports: A former employee is accused of taking photos of patients’ driver’s licenses and credit card information, according to TGH Urgent Care powered by Fast Track. TGH says they think the former employee took pictures of three people’s personal information while working alone on Sept. 9, at the intake window of its Seminole location….
Judson ISD’s ransomware nightmare won’t be cheap
Brandon Lingle really laces into Judson ISD over their incident response and transparency in the wake of a June ransomware incident. It appears that the district paid an undisclosed amount of ransom to unidentified threat actors, but it’s not clear what they got for that ransom payment. It was a month before phone and email…
WV: Prestera Mental Health Center reports an incident — but is it really a new one?
On July 20, Prestera Mental Health Center posted a notice about what they describe as a “recent” incident. Their notice, which has been picked up by other sites, states, in part: “What Happened? On or about April 1, 2021, Prestera Center discovered that information related to certain individuals was potentially accessible to an unknown actor…
Mobile County Commission notifies employees of data breach; threat actors dump more data
WKRG reports an update to a ransomware attack on Mobile County that was previously reported in June after SuspectFile broke the story of Grief’s attack and claims. As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and launched…
Convenience Store Chain Can’t Shield Investigative Report on Data Breach From Discovery, Judge Rules
We often hear of firms having their counsel running incident response and contracting of forensics, etc., so that any reports would be protected by work product doctrine as well as attorney-client privilege. But if the attorney doesn’t word the contract carefully, any report may not be covered by the doctrine. We saw that in a…