Julia Ingram and Hannah Knowles report: Before this week, Stanford students could view the Common Applications and high school transcripts of other students if they first requested to view their own admission documents under the Family Educational Rights and Privacy Act (FERPA). Accessible documents contained sensitive personal information including, for some students, Social Security numbers….
Category: U.S.
IL: School District computer system; most data recovered, superintendent says
Kennedy Nolen reports: Foreign hackers targeted the Mount Zion schools computer system in an attack that resulted in 19 days’ worth of grades being wiped out across the district. Data was not removed from the system, but the hackers encrypted several servers, making them unusable, Superintendent Travis Roundcount said in an emailed response to questions from the…
FL: AdventHealth notifying more than 42,000 patients impacted by hack of one of their facilities
On January 25, ClickOrlando reported: A hack at a pulmonary practice in Tavares might have exposed sensitive patient information, including Social Security numbers and medical histories. Officials from AdventHealth said in a news release on Friday that an unauthorized third party gained access to systems at AdventHealth Medical Group Pulmonary & Sleep Medicine at Tavares, formerly…
Business hotspot Truluck’s reports data breach at 8 restaurants
Paul O’Donnell reports: Credit card information for customers dining at Truluck’s Seafood, Steak & Crab House in downtown Dallas and Southlake might have been copied by malware inserted into point of sale systems at the restaurants, the company announcedWednesday. The Houston-based chain said the data breach occurred in November and December at the two Dallas-Fort Worth restaurants,…
Anesthesia Associates of Kansas City notifies 3,472 patients after surgery schedules stolen from nurse anesthetist’s car
The notice on their web site: Notice to Our Patients of Recent Privacy Incident Anesthesia Associates of Kansas City is committed to protecting the confidentiality and security of our patients’ information. Regrettably, this notice is to inform our patients of an incident involving some of that information. On December 16, 2018, we learned from an…
Fla. Courts Require Actual Injury to Demonstrate Standing in Data Breach Cases
Nicole Rekant and Stevan Pardo write: The proliferation of data breach cases in Florida courts has focused on Article III standing. To meet the pleading standard under Article III, a plaintiff must allege sufficient facts to show the injury-in-fact is concrete, particularized, actual, and imminent, not conjectural or hypothetical. An allegation of imminent injury may suffice…