NBC Washington reports: A Maryland police department says it experienced its “worst computer network attack” in its history, after the attacker accessed its network through a longtime software vendor. Salisbury police Capt. Rich Kaiser tells The Daily Times of Salisbury that the department’s entire internal computer network was compromised Jan. 9 in a ransomware attack….
Category: U.S.
Alaska notifying at least 500,000 residents about data security breach previously disclosed in June
Update: The state subsequently revised its estimate to 87,000 letters. How did it get the numbers so wrong — apart from the question of why it has taken so long to send out notifications. This does NOT inspire confidence in the state’s ability to protect ePHI and to notify people promptly in the event…
Why doesn’t Twitter have a way to notify them of leaks or concerns outside of a bug bounty program?
L33tdawg writes: Twitter has owned up to a privacy goof that exposed some Android users’ private tweets. That would be bad enough if the problem existed for an hour, or a day, or a month. But unfortunately for Twitter (and affected users) the problem was present from November 3 2014 until January 14 2019. That’s…
Graeter’s: Website breach could compromise 12,000 customers’ credit card data
WLWT reports: Cincinnati-based Graeter’s ice cream has issued notices to thousands of customers: Your credit card information may be compromised. The ice cream chain sent out 12,000 notices to customers who made purchases on Graeter’s website last year, saying that an “unauthorized code” was added to the website’s checkout page. As a result, thousands of…
Valley Hope Association notifies patients after employee email hack
Note: VHA’s notice on their web site emphasizes that no diagnostic or treatment information was exposed. Given the nature of this provider, that will be a relief to many patients. Because this incident is not yet posted on HHS’s public breach tool, we do not yet have the number being notified. The following is VHA’s…
BlackRock exposes info on thousands of advisers via website
Bloomberg reports: BlackRock Inc., the world’s largest asset manager, inadvertently posted confidential information about thousands of financial adviser clients on its website. The data appeared in three spreadsheets, linked on one of the New York-based company’s web pages dedicated to its iShares exchange-traded funds. The documents included names and email addresses of financial advisers who buy…