Pooja Salhotra reports: Teachers’ social security numbers, student academic records, and families’ home addresses are among the dozens of pieces of information a group of tech savvy high school students stumbled across on Google Drive this year. The documents — many of which contained confidential information — were leaked because of a quirk in the…
Category: U.S.
Morgan Stanley asks court to throw out data security lawsuit
Ryan W. Neal reports: Morgan Stanley has asked a New York federal court to throw out a class action lawsuit alleging the firm failed to properly wipe sensitive client information from decommissioned computer equipment that has since gone missing. The former clients cannot plausibly identify instances of personal data being accessed or misused, or any…
NC: Charlotte-Mecklenburg Schools email gaffe exposes medical info on 3,000 students
From the no-need-to-hack-if-it’s-leaking dept., WBTV reports: Charlotte-Mecklenburg Schools sent an email to hundreds of parents that included person and medical information of nearly 3,000 students. The CMS email was to confirm all students who were enrolled in the After School Enrichment Program (ASEP). It was sent out the afternoon of August 6 and went to…
Crytek confirms Egregor ransomware attack, customer data theft
Sergiu Gatlan reports: Game developer and publisher Crytek has confirmed that the Egregor ransomware gang breached its network in October 2020, encrypting systems and stealing files containing customers’ personal info later leaked on the gang’s dark web leak site. The company acknowledged the attack in breach notification letters sent to impacted individuals earlier this month…
Electromed reveals data breach, offers identity theft protection to customers
Evan Ramstad reports: An unauthorized person or group jacked into systems at Electromed Inc., a maker of products that relieve chronic respiratory conditions, and obtained data on customers and employees. In disclosing the data breach, Electromed said Monday it has no indication that any customer information has been used inappropriately. Read more on the Star…
k-12 school districts fall prey to Pysa ransomware
—– A DataBreaches.net report by Dissent and Chum1ng0 —– In Part 1 of this series, DataBreaches.net described a number of attacks by Pysa (mespinoza) threat actors on medical entities in the U.S. In Part 2, we look at eight k-12 public school districts in the U.S. who either appear on the threat actors’ dedicated leak…