David Bisson reports: A National Health Service (NHS) Trust revealed that it had mistakenly uploaded the personal information of over 18,000 people who had previously tested positive for coronavirus 2019 (COVID-19). On September 14, Public Health Wales announced in a web statement that the data breach had occurred back on the afternoon of August 30, 2020. Read…
Gelderland Security Region Hit in Ransomware Attack
Janene Pieters reports: Veiligheidsregio Noord- en Oost-Gelderland (VNOG) was infected by ransomware over the weekend. The attack left the internal systems damaged. Some functionality is limited or not working at all. But the notification systems like P2000 and C2000, with which the security services communicate, are unaffected. Read more on NLtimes.nl. h/t, @Chum1ng0
Central Bank of Seychelles reports ransomware attack on Development Bank of Seychelles
From a Central Bank of Seychelles(CBS) press release of September 11, as first reported by Bleeping Computer: The Central Bank of Seychelles (CBS) has been informed of a ransomware attack on the network of the Development Bank of Seychelles (DBS). The incident was communicated to CBS on Wednesday 9 September 2020. Since then, CBS has…
Maze attacking some of the country’s largest school districts
On August 27, Clark County School District (CCSD) in Nevada experienced a data security incident that they disclosed the next day. And on September 8, they issued an update. The update noted that the attack was a ransomware attack. Although the district stated it had seen no evidence of misuse, they were notifying everyone to…
Pennsylvania bill requiring state agencies to notify individuals of breaches within seven day approved
Times Observer reports: The Senate Communications & Technology Committee approved a bill requiring timely public notification when a security breach compromises personal information, according to Senator Dan Laughlin, prime sponsor of the bill. Senate Bill 487 updates the Breach of Personal Information Notification Act to require state agencies victimized by a breach involving personally identifiable…
Ca: Multiple Penalties Issued to Individual Convicted of Health Information Breaches
September 10 — A former medical clinic employee pleaded guilty on Wednesday, Sept. 2 to breaching the health information of several individuals in contravention of the Health Information Act (HIA). Olivia Franc was fined $6,000, given three years probation including not being able to access health information, and is required to complete 180 hours of community…