Keith Gushard reports: Meadville Medical Center is dealing with a data security incident involving its employee payroll system. The incident was discovered last week and involves only employee information at this point, according Don Rhoten, the hospital’s vice president of consumer engagement. The security problem “may have resulted in unauthorized access to the personal information of some…
The UK government to strengthen security of internet-connected products
January 27 — A new law will protect millions of users of internet-connected household items from the threat of cyber hacks, Digital Minister Matt Warman announced today. The plans, drawn up by the Department for Digital, Culture, Media and Sport (DCMS), will make sure all consumer smart devices sold in the UK adhere to the three…
The cyber attack the UN tried to keep under wraps
The New Humanitarian reports: While researching cybersecurity last November, we came across a confidential report about the UN. Networks and databases had been severely compromised – and almost no one we spoke to had heard about it. This article about that attack adds to The New Humanitarian’s previous coverage on humanitarian data. We look at how the…
NYS Comptroller Audit of Sackets Harbor Central School District – Information Technology (2019M-208)
The NYS Comptroller released another school district IT audit this week. I’ve been publishing these audit reports for a number of years now because they pretty much all show significant data security failures in protecting student and/or employee personal and sensitive information or assets. Sackets Harbor Central School District is a small school district. It…
PA: Not Retroactively Redacting May Have Exposed Social Security Numbers
Jamie Martines reports: Hundreds of Social Security numbers could be contained in unredacted documents housed on the Allegheny County Civil Courts public website. The Tribune-Review located federal tax lien documents filed each year from 1997 to 2010 that display unredacted tax identification numbers. Read more on Governing. This is sooooo 1990’s…. still.
UK: Students got £140,000 from University of East Anglia for private data leak
Bethany Wales reports: The leak in June 2017 saw an email containing confidential details about students’ extenuating circumstances sent to hundreds of their peers. The circumstances, detailed in a spreadsheet, included suicidal thoughts, sexual assault, and serious family illnesses and bereavements. Now, a Freedom of Information request has revealed the university’s insurers paid out a…