J. D. Capelouto reports: A Nigerian man was sentenced to five years and 11 months in prison on Monday for his role in an online scam that accessed the employee bank accounts of several colleges and universities, including some at Georgia Tech, federal prosecutors said Tuesday. Olayinka Olaniyi, 34, was part of a “phishing” scheme that…
Category: U.S.
$50 million settlement in Yahoo security breach
Michael Liedtke reports: Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. The restitution hinges on federal court approval of a settlement filed late Monday…
Children’s Hospital of Philadelphia Provides Notice of Two Email Incidents
A press release issued October 23. It does not indicate the number of patients affected by each of the two incidents or how the attacker(s) gained access to employee email accounts. Children’s Hospital of Philadelphia (CHOP) is providing to the parents or guardians of some of its current and former patients notice of two recent…
TX: Statement and Frequently Asked Questions about the 2018 ERS OnLine Security Incident
From the Employees Retirement System of Texas, this breach information notice. Note that this was reported to HHS with ERS listed as a health plan, and the breach was reported as affecting 1,248,263 members, but also note that no medical or health information was reportedly involved. On August 17, 2018, the Employees Retirement System of…
Work Study Documents Accidentally Released to College Community
Saadya Chevan reports: Last April, the College’s Financial Aid office uploaded and accidentally made visible to students, faculty, and staff two confidential documents containing federal work-study (FWS) balances of 107 students from two Spring 2018 pay-periods. The documents also reveal by implication that all of these students had applied for and received financial aid awards…
A Washington ISP exposed the ‘keys to the kingdom’ after leaving a server unsecured
Zack Whittaker reports: A Washington state internet provider left an unprotected server online without a password, exposing network schematics, passwords and other sensitive files for at least six months. Worse, it took the company a week to shut off the leak, despite several phone calls and emails warning of the exposure. The little-known internet provider,…