Sara Merken reports: Brokerage firm National Securities Corp has agreed to pay $3 million in a settlement with New York’s financial services regulator over shortfalls that resulted in four cybersecurity breaches involving unauthorized access to email accounts. Read more on Reuters. NY DFS’s press release: Superintendent of Financial Services Linda A. Lacewell announced today that…
Category: U.S.
Software developer charged with damaging the computer system of a Cleveland company
Acting U.S. Attorney Bridget M. Brennan announced that a federal grand jury sitting in Cleveland has returned an indictment charging Davis Lu, 51, of Houston, Texas, with one count of damaging protected computers. The Defendant is accused of using his position as a software developer to execute malicious code on his employer’s computer servers. The…
NY: Montefiore Medical Center discloses fourth insider-wrongdoing breach in seven months
Montefiore Medical Center in New York is notifying patients of yet another insider-wrongdoing breach. Read their press release below and then the comments after it. April 13, 2021 /PRNewswire/ — Today, Montefiore Medical Center is notifying some patients about a security breach involving information illegally accessed by a former employee. Categories of personal information accessed varied…
Baltimore County Public Schools takes responsibility for data breach that affected teachers
Tim Tooten reports: More than 2,500 of Baltimore County Public School system employees have had their personal information compromised and the district said it’s their fault. It follows a number of technology issues the school system has been dealing with since November. School officials said they learned about the technology failure in January, but letters…
Lawsuit accuses Pennsylvania addiction treatment center of failing to protect patient information from data hack
In February, HHS added an incident to their public breach tool involving Pennsylvania Adult & Teen Challenge, an addiction treatment center. In July, 2020, PPATC had discovered that an unauthorized individual had accessed some employee email accounts. A forensic investigation could not determine what information in those accounts had been accessed, and they wound up…
Update on Cuyahoga Metropolitan Housing Authority ransomware incident
As reported previously, on February 10, Cuyahoga Metropolitan Housing Authority became a victim of the DoppelPaymer ransomware operators. SuspectFile had noted that the threat actors were already dumping data less than two weeks later. Counsel to CMHA recently notified the Maine Attorney General’s office that a total of 189,008 people were impacted by the attack….