Mark Saunokonoko reports: Nearly 20,000 University of Tasmania (UTAS) students have had their personal information exposed to the entire campus after a major IT bungle. The data contained “personally identifiable information” of students at the university. UTAS told 9News in a statement there was “no evidence” malicious activity had caused the data breach. Read more on 9News.
Legal misinterpretation to blame for delay in reporting Kentucky unemployment breach
Matthew Glowicki reports: An inspector general report has found there were “unacceptable” delays in reporting an April security breach of Kentucky’s unemployment system but that residents’ personal information doesn’t appear to have been misused. The report primarily blames the monthlong delay in reporting the breach on current legal staff who relied on a holdover procedure from the previous administration…
13-year-old student nabbed in cyber attacks on Valpo schools, police say
Bob Kasarda reports on a case in Indiana: VALPARAISO — A 13-year-old Benjamin Franklin Middle School student was arrested and faces a felony charge of hacking into the school district’s computer system in the wake of ongoing disruptions in online learning, police confirmed Friday morning. The boy, who was taken to the Porter County Juvenile…
The Ministry of Internal Affairs of Belarus reacted to the leak of data from law enforcement officers
Bhavi Mandalia reports: The Ministry of Internal Affairs of Belarus reacted to the leak of data from law enforcement officers to the Internet….. The data of more than a thousand law enforcement officers were made public on September 19. In particular, the surnames, first names, patronymics, dates of birth, city of residence, rank and position…
Are covered entities unnecessarily giving fundraisers PHI on patients?
I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…
Maze attackers adopt Ragnar Locker virtual machine technique
Andrew Brandt and Peter Mackenzie of Sophos report: While conducting an investigation into an attack in July in which the attackers repeatedly attempted to infect computers with Maze ransomware, analysts with Sophos’ Managed Threat Response (MTR) discovered that the attackers had adopted a technique pioneered by the threat actors behind Ragnar Locker earlier this year,…