Dell Cameron reports: Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year. The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement…
Category: U.S.
Alaska malware incident may have compromised personal info held by Office of Children’s Services
And yet another breach disclosed at the beginning of a holiday weekend – this one posted by the State of Alaska: September 1, 2017 ANCHORAGE – The Alaska Department of Health and Social Services had a security breach that may have disclosed personal information of individuals who have interacted with the Office of Children’s Services….
FTC Settles GLBA Enforcement Action Against TaxSlayer Stemming From 2015 Data Breach
We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…
EXCLUSIVE: Hand Rehabilitation Specialists notifies patients of possible hack by TheDarkOverlord
Back around the Fourth of July holiday, I was busy attempting to confirm some claimed hacks by TheDarkOverlord (TDO). And no, I’m not referring to any entities I’ve previously named on this site, but yet other healthcare entities I’ve never named. In encrypted chats, TDO had provided me with samples of patient data from approximately…
Yahoo must face litigation by data breach victims: U.S. judge
Jonathan Stempel reports: A U.S. judge said Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches. Wednesday night’s decision from U.S. District Judge Lucy Koh in San Jose, California, was a setback for efforts by Verizon Communications Inc,…
Yet another breach due to envelope windows?! CVS Caremark exposes patients’ HIV status in mailings
I can almost hear Yogi Berra saying, “It’s deja vu all over again.” Lou Chibbaro Jr. reports: CVS Caremark, a division of the CVS pharmacy and healthcare company, abruptly discontinued a mailing last week to patients in Ohio receiving HIV-related medication from the company after it learned that a reference to “HIV” appeared above the…