WELP reports: The Financial Times was the first to break this story earlier today (29th December 2020. This breach occurred when GetSchooled (getschooled.com), a charity founded by the Bill & Melinda Gates Foundation in collaboration with Viacom left a database open and accessible to anyone with a browser and internet connection. According to TurgenSec: The breach impacts 930k individuals,…
Category: U.S.
OR: Treasure Valley Community College notifies community members of breach after late discovery
Treasure Valley Community College (“TVCC”) has become aware of a data security incident that may have involved the personal information of certain TVCC community members. TVCC is offering complimentary credit monitoring services to them. On August 25, 2020 , TVCC learned that unauthorized access to an employee email account had by an unknown person may have exposed personal…
FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule
Hunton Andrews Kurth writes: On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company (“Ascension”), to resolve allegations that the company failed to ensure one of its vendors was adequately securing personal information of mortgage holders. The FTC alleged that Ascension’s vendor, OpticsML,…
Riverside Community Care notifies clients of October ransomware attack
On November 9, DataBreaches.net posted a commentary calling for patients to be notified sooner when their data had been stolen and dumped by ransomware threat actors. In the companion article to that post, Without Undue Delay, specific victims were listed with comments as to whether they had notified patients or not. One of those victims who…
Camera Giant Canon Targeted in Proposed Data Breach Class Action
Jake Holland reports: Camera and lens manufacturer Canon U.S.A. Inc. was hit with a proposed class action after a ransomware attack exposed current and former employees’ personal information. The plaintiffs—residents of Ohio, New York, Florida, and Illinois—allege that the company acted negligently and violated several state trade practices laws by failing to guard against the threat, according…
5th Avenue Theatre Takes Action Following Theft of Employee Data in August
SEATTLE, Dec. 24, 2020 /PRNewswire/ — The 5th Avenue Theatre (the “Theatre”) announced today that it suffered a break-in and theft which it first learned of on August 30, 2020 (the “Incident”). The Incident occurred overnight on August 29, 2020 where unauthorized individuals broke into the Theatre, among other offices in the building, and stole certain computer back-up tapes and specialized equipment which…