Another audit from the NYS Comptroller is worthy of note here. This one audited the Holland Patent Central School District for access to their student information system (SIS). The District operates four schools with approximately 1,500 students and 300 employees. This audit covered the period of July 1, 2015 – July 31, 2016. According to the state, the…
Category: U.S.
Expert Hacks Internal DoD Network via Army Website
Eduard Kovacs reports: A security researcher who took part in the Hack the Army bug bounty program managed to gain access to an internal Department of Defense (DoD) network from a public-facing Army recruitment website. [….] Roughly 118 of the reports have been classified as unique and actionable, and participants have been awarded a total…
MN: District 833, police investigate after student accesses private employee data
Scott Wente reports: South Washington County Schools is investigating after a student gained access to electronic personnel data. The district notified all of its roughly 3,250 employees last week that it discovered the data breach and was investigating with the help of law enforcement and a computer forensic firm. While it does not appear files…
NYPD tech worker accused of selling officers’ personal info
Sarah Trefethen reports: An IT worker with access to NYPD personnel files released sensitive information of thousands of officers and tried to cash in on his position by selling data on individual members of the Finest, according to prosecutors. Idahosa Ighodaro, 37, an information technology administrator employed by the NYPD, was hit with charges of…
TriHealth notifies 1,126 patients after software glitch sends statements to old addresses
TriHealth in Cincinnati has issued the following notice about a mailing error that resulted in communications – including billing statements – being sent to patients’ previous addresses rather than their current addresses. The error was attributed to a “software glitch.” January 20, 2017 In late November of 2016, TriHealth discovered a software glitch inadvertently replaced the…
Horizon Blue Cross Blue Shield loses round in data breach litigation
Disclosure of personal information, even without demonstration of misuse of the information, creates de facto injury under FCRA Court vacates and remands Justia provides a summary of an opinion issued by the Court of Appeals for the Third Circuit that revives a potential class action lawsuit again a New Jersey health insurer. The litigation stemmed from…