Catalin Cimpanu reports: A coordinated ransomware attack hit 22 Texas local governments, but none of the impacted municipalities paid ransom demands, Texas state officials said this week. Three weeks after the incident took place, the Texas Department of Information Resources (DIR) said that more than half of the impacted entities are now back to operations…
Oh good grief, Saturday edition
Seen on Twitter: BREAKING: Dutch hospital that just got fined 460.000 euro by Dutch DPA for staff snooping in medical files, is in the news today again: staff used medical files as grocery list. Left them in shopping cart supermarket. Compliance is a cultural issue!https://t.co/LhVELzgL8J #GDPR — Jeroen Terstegge (@PrivaSense) September 7, 2019 A google…
Meridian Community College discloses a breach that was discovered in January
A breach notification by Meridian Community College demonstrates once again, why entities should make determined efforts not to leave emails in employee accounts that may have personally identifiable information in attachments or the emails themselves. In this case, the types of personal information included name, Social Security number, driver’s license number, passport number, date of…
Andy Frain Services reports stolen laptop, but were they also hacked?
Andy Frain Services has reported a breach to the California Attorney General’s Office. The breach reportedly occurred on May 2, and their letter to those affected begins: We are writing with important information regarding a recent security incident. The privacy and security of the personal information we maintain is of the utmost importance to Andy Frain…
UK: Gender identity clinic leaks almost 2,000 patients’ email addresses
Chris Fox reports: The Charing Cross Gender Identity Clinic sent patients an email about an art competition, with hundreds of others CC-ed in. The clinic later tried to recall the message but the error had already been noticed. The Tavistock and Portman NHS Foundation Trust, which is responsible for the clinic, is investigating. Read more…
Security breach on Pepperfry exposes details of users; now plugged
Pranav Hegde reports: A major security flaw was detected on online furniture store Pepperfry’s website, which could have allowed users to sign in to another registered user’s account. Pepperfry has claimed that the bug was fixed within an hour of being detected. Security researcher Ehraz Ahmed found the bug on Pepperfry’s website, which could have…