Updated Nov. 21: This incident has just been posted on HHS’s public breach tool as impacting 107,054 patients. Original Post: Marsha Heller of KAIT 8 reports that Saint Francis Healthcare System announced that Ferguson Medical Group (FMG) in Sikeston, Mo. was hit with a ransomware attack on September 20th. The following is the notice on…
Category: U.S.
Accidental data breach at Las Cruces Public Schools discloses vendor social security numbers
KVIA reports: Las Cruces Public Schools now confirms it accidentally sent out an email back in September containing the social security numbers of vendors the district uses. That email was sent to about 150 district employees, officials said. Vendors were advised to place a fraud alert on their credit files as a precaution. Those vendors…
Akron man sentenced to six years in prison for launching denial of service attacks that shut down web sites for the city of Akron and the Akron Police Department
From the U.S. Attorney’s Office for the Northern District of Ohio, an update on a previously disclosed prosecution: An Akron man was sentenced to six years in prison for launching denial of service attacks that shut down web sites for the city of Akron and the Akron Police Department. James Robinson, 33, previously pleaded guilty…
Ransomware Bites 400 Veterinary Hospitals
Brian Krebs reports: National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA…
Startup vulnerability leaves Queer Chart student data exposed
Paxton Scott reports: A security flaw allowed users of Queer Chart, a startup founded by Stanford students to link members of the campus queer community, to access all users’ names, profile pictures, email addresses, dates of birth, pronouns, schools and anonymous IDs, its founders have acknowledged. An anonymous ID is meant to allow a user…
Macy’s Customer Payment Info Stolen in Magecart Data Breach
Lawrence Abrams reports: Macy’s has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer’s payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections…