Mike Donoghue reports a follow-up to a January 2016 phishing incident previously noted on this site: Two Nigerians, indicted in Vermont on federal charges of conspiracy to file fraudulent tax returns, stole personal identification information from hundreds of Vermont state employees and other government workers, a prosecutor said Wednesday in U.S. District Court. Assistant U.S….
Category: U.S.
Community Memorial Health System in Ventura suffers data security breach
Robert Shutt reports: The Community Memorial Health System in Ventura has sent out a notice regarding a data security breach involving patient information. A CMHS employee’s email account was compromised by a phishing email and on June 23 the employee saw irregularities in their account and notified the CMHA administration. Read more on Pacific Coast Business…
No charges in probe into leaked info to Thug Life website
AP reports from Charleston: An investigation into a website that leaked the name of a juvenile charged in a killing along with other confidential police information has ended without any charges filed, according to the State Law Enforcement Division. The probe into the Thug Life website that criticized criminals and prosecutors who the site thought…
Thousands of Security Firm Job Applications Citing Top Secret US Government Work Exposed on Misconfigured Amazon Server
Dell Cameron reports: Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year. The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement…
Alaska malware incident may have compromised personal info held by Office of Children’s Services
And yet another breach disclosed at the beginning of a holiday weekend – this one posted by the State of Alaska: September 1, 2017 ANCHORAGE – The Alaska Department of Health and Social Services had a security breach that may have disclosed personal information of individuals who have interacted with the Office of Children’s Services….
FTC Settles GLBA Enforcement Action Against TaxSlayer Stemming From 2015 Data Breach
We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…