Posted on: December 29, 2020 by the City of Cornelia: City of Cornelia Ransomware Incident The City of Cornelia is dealing with a ransomware incident that began on December 26. We have anticipated situations such as this and, out of an abundance of caution, we have taken down our network while we investigate and restore our…
Category: U.S.
EXCLUSIVE: Conti describes how they attacked Leon Medical Centers; shows DataBreaches.net almost 2 million patient-related files
I’ve always resisted any urge to write a “worst breaches of the year” piece at the beginning of December because I just know that if I do, there’s going to be something that would be on my “worst” list if only I had waited a few weeks. The Conti ransomware attack on Leon Medical Centers…
Bill & Melinda Gates Foundation’s Charity GetSchooled Breaches 900k Children’s Details
WELP reports: The Financial Times was the first to break this story earlier today (29th December 2020. This breach occurred when GetSchooled (getschooled.com), a charity founded by the Bill & Melinda Gates Foundation in collaboration with Viacom left a database open and accessible to anyone with a browser and internet connection. According to TurgenSec: The breach impacts 930k individuals,…
OR: Treasure Valley Community College notifies community members of breach after late discovery
Treasure Valley Community College (“TVCC”) has become aware of a data security incident that may have involved the personal information of certain TVCC community members. TVCC is offering complimentary credit monitoring services to them. On August 25, 2020 , TVCC learned that unauthorized access to an employee email account had by an unknown person may have exposed personal…
FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule
Hunton Andrews Kurth writes: On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company (“Ascension”), to resolve allegations that the company failed to ensure one of its vendors was adequately securing personal information of mortgage holders. The FTC alleged that Ascension’s vendor, OpticsML,…
Riverside Community Care notifies clients of October ransomware attack
On November 9, DataBreaches.net posted a commentary calling for patients to be notified sooner when their data had been stolen and dumped by ransomware threat actors. In the companion article to that post, Without Undue Delay, specific victims were listed with comments as to whether they had notified patients or not. One of those victims who…