Sheila Hagar reports: Walla Walla University officials are investigating a campus-wide cyberattack that crashed online networks and phone lines this fall-finals week. School officials today referred to the hacking, discovered Monday, as a ransomware incident but did not confirm a monetary ransom was demanded. Read more on Government Technology.
Category: U.S.
Minnesota Blue Cross scrambles to boost cyberdefenses
Joe Carlson reports: Blue Cross Blue Shield of Minnesota is working rapidly to shore up its cybersecurity defenses after an internal whistleblower raised alarm that the state’s largest health insurer had long neglected thousands of important updates. Internal documents show that Minnesota Blue Cross allowed 200,000 vulnerabilities classified as “critical” or “severe” to linger for…
AG Josh Shapiro reaches settlement with Expedia and Orbitz in 2018 data breach
Valeria de Leon reports: Attorney General Josh Shapiro announced on Friday, he reached a settlement with two online travel reservation companies after they potentially exposed information of thousands of people, including Pennsylvanians. The settlement follows an investigation led by Deputy Attorney General Timothy R. Murphy, into a data breach in 2018 involving Orbitz and its…
TX: City of Odessa notifies residents of Click2Gov breach
Seen on the city’s website: Post Date:12/12/2019 4:54 PM Click2Gov Security Breach ODESSA – We have learned of a data security incident that occurred between August 27, 2019 and October 14, 2019 that involved some of our customers’ credit/debit card information. The City of Odessa utilizes a third-party software product called Click2Gov to provide our…
Hackensack Meridian: We paid ransom to hackers to stop hospital cyber-attack
Michael L. Diamond reports: Hackensack Meridian Health paid an undisclosed amount in ransom to stop a cyber-attack that has disrupted the hospital owner’s computer network since it began last week, the company said Friday. The Edison-based company said it had insurance to help cover the costs associated with cyber-attacks, including payment, remediation and recovery efforts….
On the notification warpath, Friday edition
In 2006, I started advocating that there needs to be a law or regulation that requires businesses to have a method to receive notifications of security alerts. A number of people I respect offered explanations as to why that wasn’t a great idea. But 13 years later, I’m more convinced than ever that we need…