Following the delivery of the Selahattin Demirtas v. Turkey (No. 2) judgment on December 22, the website of the European Court of Human Rights was the subject of a large-scale cyberattack which has made it temporarily inaccessible. The Court strongly deplores this serious incident. The competent services are currently making every effort to remedy the…
Proliance Surgeons, Inc. Notifies Customers of Data Security Incident
Why are they calling them “customers” and not “patients?” I’m confused by this press release, below. Were these payment cards the patients’ payment cards/payment info? If so, it’s still protected health information of patients. I’ve reached out to the entity to request clarification. Update: A spokesperson says that the payment cards were not the patients’…
CT: Attorney General Tong Resolves Data Breach Investigation of Sabre Hospitality Solutions
(Hartford, CT) – Attorney General Tong, along with the attorneys general of 27 states, has entered into a settlement with Sabre Corp. that resolves an investigation into the 2017 data breach of Sabre Hospitality Solutions’ hotel booking system. The breach exposed the data of approximately 1.3 million credit cards. The settlement requires a payment of…
Roanoke College delays spring semester after cyberattack
Lawrence Abrams reports that Roanoke College in Virginia is delaying the start of spring semester while they continue to try to recover from what sounds like a ransomware attack. “On Saturday, Dec. 12, Roanoke College experienced a cyber event which impacts our ability to access files. The College’s IT staff disconnected the College’s network and…
One year later, Saskatchewan government still isn’t sure what data were exfiltrated in cyberattack
Back in June, Canadian news outlets provided an update on a ransomware attack on Saskatchewan’s eHealth system that had occurred on December 20, 2019. Now as the year draws to a close, the government still doesn’t know whether personal information was compromised in the attack. And no, this is not uncommon. It is often very…
Dell Wyse Thin Client scores two perfect 10 security flaws
Thomas Claburn reports: Dell, which pitches its Wyse ThinOS as “the most secure thin client operating system,” plans to publish an advisory on Monday for two security vulnerabilities that are as bad as they could possibly be. CVE-2020-29491 and CVE-2020-29492 are both critical flaws, managing a perfect (although unwelcome) CVSS score of 10 out of…