On February 15, yours truly created an entry in the worksheet I maintain for tabulating U.S. incidents involving health data or protected health information. The entry listed “Capital Medical Center” in Washington as the breached entity, the date of disclosure as February 15, 2021, and the type of incident as a claimed ransomware attack by Avaddon…
Category: U.S.
Maine government website displayed mental health patients’ confidential information
Matthew Stone reports: A state agency displayed confidential information about patients of Maine mental health and addiction treatment agencies and group home residents on a public website, a Bangor Daily News review found. At least 20 documents on the Maine government website contained names and, in some cases, addresses, dates of birth and phone numbers,…
No need to hack if it’s leaking, Wednesday edition: Wyoming Department of Health
From the Wyoming Department of Health, a report involving another GitHub leak: Exposure of Laboratory Test Result Data Described April 27, 2021 The Wyoming Department of Health (WDH) is announcing a mistaken exposure of laboratory test result data involving the health information of thousands of Wyoming residents and others, as well as describing its plan…
Reverb discloses data breach exposing musicians’ personal info
Lawrence Abrams reports: Popular musical instrument marketplace Reverb has suffered a data breach after an unsecured database containing customer information was exposed online. Reverb is the largest online marketplace devoted to selling new, used, and vintage musical instruments and equipment. Today, Reverb customers began receiving data breach notifications stating that customer information was exposed, including…
OR: Centennial schools to close for 2 days after hackers breach school technology systems
Update of May 6: the district confirmed this as a ransomware attack. Their computers are still offline. Original post: Jayati Ramakrishnan reports: A Portland-area school district has canceled Tuesday and Wednesday classes as staffers work to fix a ransomware attack that may have affected the district’s technology systems. Centennial School District staff discovered Monday that certain…
Developing — Babuk claims to have hacked Metropolitan D.C. Police
Update 8:30 pm: The police have now confirmed unauthorized access to their server. The FBI is investigating. The threat actors known as Babuk have added the Metropolitan Police D.C. to their leak site, adding, “We will not comment this time: Even such an organization has huge security gaps, we advise them to get in touch…