Saadya Chevan reports: Last April, the College’s Financial Aid office uploaded and accidentally made visible to students, faculty, and staff two confidential documents containing federal work-study (FWS) balances of 107 students from two Spring 2018 pay-periods. The documents also reveal by implication that all of these students had applied for and received financial aid awards…
Category: U.S.
A Washington ISP exposed the ‘keys to the kingdom’ after leaving a server unsecured
Zack Whittaker reports: A Washington state internet provider left an unprotected server online without a password, exposing network schematics, passwords and other sensitive files for at least six months. Worse, it took the company a week to shut off the leak, despite several phone calls and emails warning of the exposure. The little-known internet provider,…
GSA Took 800 Days to Notify Some Data Breach Victims
Joseph Marks reports: It took the General Services Administration more than 800 days to notify a handful of people that it had accidentally exposed their personal information, according to an audit released Friday. In another case, the agency took six months just to determine that a data breach related to background investigation information had occurred,…
National Ambulatory Hernia Institute notifies almost 16,000 patients of Gamma ransomware attack
On October 5, HHS received a HIPAA breach notification from the National Ambulatory Hernia Institute in California. According to the notification, the incident affected 15,974 patients. A notice prominently displayed on NAHI’s site explains that there was a ransomware incident on September 13. URGENT NOTICE – DATA BREACH SUSPECTED URGENT NOTICE: Our office has experienced a…
Indiana National Guard reports ransomware attack to server
WISH-TV reports: The Indiana National Guard revealed Thursday that a state, nonmilitary server with identifying information of its personnel was the subject of a ransomware attack. The Guard said in a news release from Master Sgt. Jeff Lowry: “As a result of this action we are in the process of notifying personnel that may be affected,…
CT: City pays USD 2,000 in computer ransomware attack
AP reports: A Connecticut city has paid USD 2,000 to restore access to its computer system after a ransomware attack. West Haven officials said Thursday they paid the money to anonymous attackers through the digital currency bitcoin to unlock 23 servers and restore access to city data. Read more on Deccan Chronicle.