The following is a press release issued by the Federal Trade Commission (FTC) that relates to a data security incident — a misconfiguration — discovered by MacKeeper researchers in 2016 that was previously noted on this site, including a subsequent settlement between DealerBuilt and the New Jersey Attorney General’s Office. From the wording of the…
Category: U.S.
Oregon Amends Data Breach Notification Law to Include Vendor Obligations; Expanded Definition of Personal Information
Daniel J. Moses of JacksonLewis writes: As we recently noted, Washington state amended its data breach notification law on May 7 to expand the definition of “personal information” and shorten the notification deadline (among other changes). Not to be outdone by its sister state to the north, Oregon followed suit shortly thereafter—Senate Bill 684 passed unanimously in both legislative…
FL: ‘Triple Threat’ Ransomware Attack Cripples Email Systems and Services of Lake City
Cyware reports: The Lake City Police Department is investigating a ransomware attack on their city network systems that resulted in the shutdown of several emergency services. The ransomware used in the attack has been detected as ‘Triple Threat’. What happened? In a breach notification, the Lake City police have revealed that the attack occurred on…
KY: Hopkins County school system dealing with data breach
Rachel Smith reports: Parents of Hopkins County schoolchildren were greeted with a message from the school board Thursday morning alerting them of a data security breach. Because of a school board staff member’s password-protected account being compromised, a currently unidentified user had access to a countywide database, which contains the names, dates of birth and…
CBP says traveler and license plate images were stolen in data breach
Zack Whittaker reports: U.S. Customs and Border Protection has confirmed a data breach has involved the photos of passengers traveling in and out of the United States. The photos were obtained from a subcontractor’s network through a “malicious cyberattack,” a CBP spokesperson told TechCrunch. The agency first learned of the breach on May 31. “CBP…
Former Corp IT Director Convicted of Computer Fraud
Rachel Cohen reports on a hacking incident involving Corp-Students of Georgetown, Inc. (“The Corp.”). Former Georgetown student Justice Suh pleaded guilty on one count of computer fraud for hacking The Corp’s email system. The federal government charged Suh in D.C. federal court in April 2019, and the U.S. government representative in this case recommended a…