“I sue you, You sue me, We both sue too easily. Too easily to let it show. I sue you and that’s all I know.” — wrote Art Garfunkel never. Alison Frankel reports: A day after Aetna sued the claims administrator Kurtzman Carson Consultants for exposing confidential medical information about Aetna clients in a settlement…
Category: U.S.
Voter, Bee databases hit with ransomware attack
Adam Ashton reports: Two Sacramento Bee databases on a third-party computer server were seized last month by an anonymous hacker who demanded The Bee pay a ransom in Bitcoin to get the data back. The intrusion, which was discovered by a Bee employee last week, exposed one database containing California voter registration data from the…
NC: Thomasville employees’ SSN accidentally released in public records request screw-up
Here we go again. Another public records request where someone sent out records without proper redaction. This time, it’s nearly 270 employees of the city of Thomasville who had their SSN disclosed improperly and then uploaded to Facebook. The city will give them credit monitoring. FOX8 has the story.
FBI Private Industry Notification warns schools about TheDarkOverlord
On January 31, 2018, the FBI released a Private Industry Notification (PIN) warning schools about the hacker(s) known as TheDarkOverlord. The information in the PIN was provided by the FBI and the Department of Education’s Office of the Inspector General, and it appears to be an expanded version of a prior alert to schools issued by…
What to Know About ED’s New Stance On Data Breach Reporting
Sean Tassi reports: Until recently, colleges and universities that experienced a data breach had no unique reporting obligations to the U.S. Department of Education. Institutions were expected to analyze security incidents under applicable federal and state laws and, when appropriate, notify affected individuals and appropriate federal and state agencies. Because the Family Educational Rights and…
IL: Reinstated school district IT Director sues school board over breach response
In May, 2016, this site noted a breach report from Abingdon-Avon School District in Illinois. One month later, we noted a news report that their IT Director, identified at the time as Mark Rodgers (sic), had been arrested, although it wasn’t clear if the felony eavesdropping charges were directly related to the breach. Not reported…