From a Central Bank of Seychelles(CBS) press release of September 11, as first reported by Bleeping Computer: The Central Bank of Seychelles (CBS) has been informed of a ransomware attack on the network of the Development Bank of Seychelles (DBS). The incident was communicated to CBS on Wednesday 9 September 2020. Since then, CBS has…
Maze attacking some of the country’s largest school districts
On August 27, Clark County School District (CCSD) in Nevada experienced a data security incident that they disclosed the next day. And on September 8, they issued an update. The update noted that the attack was a ransomware attack. Although the district stated it had seen no evidence of misuse, they were notifying everyone to…
Pennsylvania bill requiring state agencies to notify individuals of breaches within seven day approved
Times Observer reports: The Senate Communications & Technology Committee approved a bill requiring timely public notification when a security breach compromises personal information, according to Senator Dan Laughlin, prime sponsor of the bill. Senate Bill 487 updates the Breach of Personal Information Notification Act to require state agencies victimized by a breach involving personally identifiable…
Ca: Multiple Penalties Issued to Individual Convicted of Health Information Breaches
September 10 — A former medical clinic employee pleaded guilty on Wednesday, Sept. 2 to breaching the health information of several individuals in contravention of the Health Information Act (HIA). Olivia Franc was fined $6,000, given three years probation including not being able to access health information, and is required to complete 180 hours of community…
Interim Report on the Blackbaud Breach: 3.4 Million Patients and Counting
The Blackbaud ransomware incident disclosed on July 16 will likely end up being the largest or one of the largest breaches of the year involving patient information. I’ve been reading disclosures from dozens of entities and have compiled a list of those Blackbaud clients whose disclosures state or suggest that Blackbaud had been storing some…
SC: In September, Roper St. Francis was busy sending notifications on two separate breaches
On September 3, ABC reported that Roper St. Francis was notifying 6,000 patients about a breach involving their protected health information. This week, you may have read that Roper St. Francis is notifying almost 93,000 patients. There are two unrelated incidents. The first involved the compromise of an employee’s email account in June that the…