Derek Healey reports: Education Scotland is facing “very difficult questions” after being forced to order a hard reset of all passwords across its national digital learning platform following a major security breach. An email distributed to headteachers and seen by The Courier has revealed how management called for all log-ins to be scrapped after it…
Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider
Catalin Cimpanu reports: The personal details and payment card data of guests from hundreds of hotels, if not more, have been stolen this month by an unknown attacker, Bleeping Computer has learned. The data was taken from FastBooking, a Paris-based company that sells hotel booking software to more than 4,000 hotels in 100 countries —as…
Eight Arrested in Africa-Based Cybercrime and Business Email Compromise Conspiracy
In accordance with the Justice Department’s recent efforts to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens, the Department announced Operation Keyboard Warrior, an effort coordinated by United States and international law enforcement to disrupt online frauds perpetrated from Africa. …
Judge Dismisses Lawsuit Charging LabCorp with HIPAA Violation
Fred Donovan reports: June 25, 2018 – US District Court Judge Rudolph Contreras dismissed a lawsuit by Hope Lee-Thomas accusing LabCorp of a HIPAA violation for not providing adequate privacy protections at its Providence Hospital computer intake station. Lee-Thomas argued in her lawsuit that LabCorp failed to shield her PHI from public view at its computer…
Michigan Medicine notifies patients of health information data breach
ANN ARBOR, Mich. — Michigan Medicine is notifying approximately 870 patients about the theft of a laptop computer that may have exposed some of their health information. On June 3, 2018, a Michigan Medicine employee’s personal laptop computer was stolen. The theft occurred when the employee’s car was broken into and his bag, which contained the…
Comcast fixes another Xfinity website data leak
Zack Whittaker reports: A little-known page on Comcast’s Xfinity website was exposing customers’ account information to anyone — or any app — on a customer’s network. An anonymous security researcher dropped ZDNet an email, explaining that an API used by the internet giant could be tricked into returning customer data, including account numbers, a customer’s…