Sade M. Gordon reports: State and local law-enforcement agencies are investigating an apparent hack of data from the Martin County website. Officials were unaware the 3-year-old data — stored offsite — was stolen until a person contacted the county legal department early this week. The caller didn’t threaten the county or ask for ransom, spokesperson Martha Ann Kneiss…
Category: U.S.
Health Insurer Pays $6.85 Million to Settle Data Breach Affecting Over 10.4 Million People
HHS has announced another big settlement and corrective action plan. This one stems from a hack of Premera Blue Cross (PBC) in 2014 that went undetected until March of 2015. DataBreaches.net had covered this incident at the time and the follow-ups that included a class action lawsuit that settled, a settlement with state attorneys general,…
CISA says a hacker breached a federal agency
Catalin Cimpanu reports: A hacker has gained access and exfiltrated data from a federal agency, the Cybersecurity and Infrastructure Security Agency (CISA) said on Thursday. The name of the hacked federal agency, the date of the intrusion, or any details about the intruder, such as an industry codename or state affiliation, were not disclosed. Read…
Fallout From The Ransomware Attack At Illinois Valley Community College Is Still Far From Over
Peter Medlin has an update on the Pysa (mespinoza) ransomware attack on Illinois Valley Community College that was first disclosed in April. The college had not paid the ransom demand, and has continued to work to recover from the attack. Medlin notes: In the months since the ransomware incident, IVCC has had to rebuild and…
Maryland Man Sentenced to Prison for Intentionally Damaging the Computers of His Former Employer
From DOJ, this press release today about a case where a former employee exceeded previously authorized access: A Maryland man was sentenced by U.S. District Judge Catherine C. Blake today to 12 months and one day in federal prison, followed by three years of supervised release, for illegally accessing and damaging the computer network of…
OH: Stark Summit Ambulance notified patients and employees of data breach
Ohio-based Stark Summit Ambulance has disclosed a data security incident impacting employees and patients. On May 28, 2020, the firm learned of unusual activity involving one Stark Summit Ambulance employee email account. Over the next few months, as they continued investigating, they discovered more employee email accounts that had been compromised. By the end of July,…