I don’t have access to the full article, but Law360 is reporting that: CVS Can’t Recoup $1.8M Info Disclosure Penalty From Printer A printing company that contracted with CVS to mail benefit letters to IBM employees doesn’t have to reimburse the $1.845 million the drugstore had to dole out after letters were sent… Read it…
Category: U.S.
Former NSA contractor accused of largest security breach in US history expected to plead guilty
Kevin Collier reports: A former National Security Agency contractor accused of the largest security breach in US intelligence history is expected to plead guilty on Thursday, his lawyer told CNN. Harold “Hal” Martin, 54, had worked for 23 years as a contractor for companies that contracted with various intelligence agencies and maintained a government clearance…
Voya Financial Advisors exposes more sensitive adviser information on its website
Less than six months after Voya made headlines by agreeing to pay $1 million to settle SEC charges stemming from a 2016 breach, they have been back in the news after two incidents — one embarrassing and one concerning. Bruce Kelly reports: Weeks after a computer glitch risked exposing the Social Security numbers of its…
Phishing incident gets Oregon.gov emails blacklisted by Microsoft, again
Colin Wood reports: Oregon state government employees on Tuesday regained the ability to email people with certain email suffixes after a state employee fell victim to a phishing attack that briefly resulted in the state being blacklisted by email services offered by Microsoft. According to an internal memo sent to agency directors by state Chief…
Hosting Provider Finally Takes Down Spyware Leak of Thousands of Photos and Phone Calls
Lorenzo Franceschi-Bicchierai has an update on a recent story: A company that sells cellphone spyware to consumers left 95,000 images and more than 25,000 audio recordings on a server accessible to anyone on the internet for weeks. The sensitive data was so easy to access, that Motherboard couldn’t even name the spyware company in its…
Butler County employee suspended after emailing spreadsheet with personal information
Denise G. Callahan reports: The Butler County commissioners approved a two-day, unpaid suspension for an employee who inadvertently sent out an email with wellness information regarding the county’s health insurance, which might have violated HIPAA laws. Shawna Smith, the county’s wellness coordinator, sent out an email in September with a spreadsheet that included hidden columns…