Each year, many news sites add up the number of reports on HHS’s public breach tool and then add up the number of records reported for those incidents. For 2023, that came to 725 reports and about 135 million records. Those numbers are disturbing, but not as disturbing as the numbers out today by Protenus….
Decreasing ransomware attacks: two strategies to consider
Experts agree that a ban on ransom payments should decrease ransomware attacks, but concerns about implementing any ban are not trivial. Here are two ideas to consider. Proposal 1: Increasing the Sanctions List Expanding the sanctions list to include every ransomware group with a leak site might make threat actors less likely to threaten victims…
What Austin ISD said led to student information being released to non-guardians
Johann Castro reports: Some Austin ISD students mistakenly had their records released to people who weren’t their parents or legal guardians. According to a report from KVUE’s media partners at the Austin American-Statesman, documents revealed that a special education database vendor mistakenly released the private information for about 160 Austin students in December. The report…
Scranton School District hit by cyber attack
Sarah Hofius Hall reports: The Scranton School District is the target of a ransomware attack, the acting superintendent confirmed Friday. Third-party forensic specialists are investigating the source of the incident and the impact on district systems and will “restore full functionality to the system as soon as possible,” according to the statement from Acting Superintendent…
NHS Scotland hit by ‘ongoing’ cyber attack amid fears hackers have stolen patients’ personal data
During these incursions into our systems, there is a risk that hackers have been able to acquire a significant quantity of data. Harry Williamson of The Sun reports: A Scots health board has been hit by an ongoing cyber attack. Hackers targeted NHS Dumfries and Galloway and may have accessed patient data. Staff have been urged to stay…
FCC Updated Data Breach Notification Rules Go into Effect Despite Challenges
Hunton Andrews Kurth writes that on March 13, 2024, the Federal Communications Commission’s updates to the FCC data breach notification rules (the “Rules”) went into effect despite legal challenges. The rules were adopted in December 2023 pursuant to an FCC Report and Order (the “Order”). Their previous blog post explained the Rules: Pursuant to the…