Joseph Luiz reports: The California Department of Motor Vehicles has announced that federal agencies were accidentally given access to Social Security information for about 3,200 people. The department said in a statement that it discovered in August that for at least the past four years, the information was accidentally accessible to seven government entities, including…
Facebook Claims It Unknowingly Shared Private Group Data With Partners
Kurt Wagner reports: Facebook Inc. said it unknowingly gave outside developers access to private user information shared within some groups on its main social network, including the names and profile photos of people who were part of those groups. The company disclosed the issue Tuesday, saying that for the past 18 months some third-party developers…
Failure to Encrypt Mobile Devices Leads to $3 Million HIPAA Settlement
From HHS OCR: The University of Rochester Medical Center (URMC) has agreed to pay $3 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules….
ME: InterMed, P.A. notifying patients after 4 employees fall for phishing attack
Notice posted on InterMed, P.A.’s web site, Nov. 4: On September 6, 2019, we learned that an unauthorized individual gained access to an employee’s email account between September 4 and September 6, 2019. We immediately took steps to secure the account, began an internal investigation, and engaged a leading national computer forensic firm to conduct an…
Now available: Catalan Information Security Center produces reports in English for the 2019 Barcelona Congress
CESICAT (Information Security Center of Catalonia) contacted me this week to share some news and to ask me to share it with my readers and followers on Twitter. I am delighted to. CESICAT is a public organization committed to protecting cybersecurity of the public sector in Catalonia. Next year they will become the Cybersecurity Agency…
Ransomware hits Spanish companies sparking WannaCry panic
Catalin Cimpanu reports: Two major Spanish companies have been hit by ransomware today. Both infections occurred on the same day, sparking memories of the WannaCry outbreak. […] The first is Everis, an IT consultancy firm owned by the NTT Data Group. The second is Cadena SER, Spain’s largest radio network, which also admitted to the incident…