On August 27, Clark County School District (CCSD) in Nevada experienced a data security incident that they disclosed the next day. And on September 8, they issued an update. The update noted that the attack was a ransomware attack. Although the district stated it had seen no evidence of misuse, they were notifying everyone to…
Category: U.S.
Interim Report on the Blackbaud Breach: 3.4 Million Patients and Counting
The Blackbaud ransomware incident disclosed on July 16 will likely end up being the largest or one of the largest breaches of the year involving patient information. I’ve been reading disclosures from dozens of entities and have compiled a list of those Blackbaud clients whose disclosures state or suggest that Blackbaud had been storing some…
SC: In September, Roper St. Francis was busy sending notifications on two separate breaches
On September 3, ABC reported that Roper St. Francis was notifying 6,000 patients about a breach involving their protected health information. This week, you may have read that Roper St. Francis is notifying almost 93,000 patients. There are two unrelated incidents. The first involved the compromise of an employee’s email account in June that the…
CU Collections Notifies Customers of Data Security Incident
The following press release was released on Friday, September 11, after 5 pm. It appears to be the same press release CU Collections issued on July 29, with the exception that this one specifically mentions Wellspring Credit Union: CU Collections, LLC (“CU Collections” or the “Company”) announced today that it had suffered a data security…
Fairfax County Public Schools confirms it was a victim of cyberattack
There was nothing on the homepage of Fairfax County Public Schools in Virginia that would indicate any cyberattack or problem, but the ransomware threat actors known as Maze had listed the FCPS on its leak site this week and provided some files as proof of access/acquisition. DataBreaches.net contacted FCPS to ask them whether they…
Secure Data Technologies Sues Ex-Employee for Breach of Contract
Christina Tabacco reports: On Thursday, Secure Data Technologies, Inc. sued a former employee for hacking the company’s email system and removing confidential and proprietary information. The Eastern District of Missouri lawsuit states seven claims for relief under various Missouri and Illinois business tort and computer fraud statutes. According to the filing, Secure Data is an Illinois corporation,…