Marianne Kolbasuk McGee reports: Recent incidents involving inadvertent exposure of patient data on GitHub, a software development and version control platform designed for collaboration, point to the need to ensure that data loss prevention tools are implemented, available security controls are leveraged and employees are made aware of the risks involved in using internet-facing platforms….
Category: U.S.
Contact tracing data breach exposes health information of 72,000 Pennsylvanians
Rachel Yonkunas reports: Multiple investigations are underway after a contact tracing data breach exposed personal health information of 72,000 Pennsylvanians. The unsecured information was collected by employees of Insight Global—the company paid around $30 million in taxpayer money to perform contact tracing in the state. “You could see people’s phone numbers, how many kids they…
Presque Isle police data leaked by threat actors — somewhat
Kathleen Phalen Tomaselli reports: The ransom time clock on the Presque Isle Police Department’s ransomware attack ran out Wednesday at about 9:30 p.m. in a dramatic red-numbered countdown of minutes and seconds racing toward zero on the hacker’s dark web site. But it looks like the unidentified criminals have not yet made their next move…
AmeriFirst Warns Customers of December Data Breach
Mogin Rubin writes: The personal loan information of certain #AmeriFirst Financial, Inc., customers have been compromised, according to the bank’s “data security incident” notification. AmeriFirst said it discovered the breach on April 12, 2021, which infiltrated the bank’s data storage from Dec. 2 to Dec. 10, 2020. Read more on The National Law Review.
Thrifty Drug discloses security breach
Thrifty Drug Stores Inc., which does business as Thrifty White, is notifying customers about a security breach. Thrifty Drug in a statement said it worked with a business associate, Capture Rx, that discovered certain files on its system were accessed without authorization in February. Read more on Bismarck Tribune.
NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses
Kate Hanniford of Alston & Bird writes: Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of…