More details have emerged on a breach first noted on this site last month. Jim Small of the Arizona Center for Investigative Reporting (AZCIR) reports that the breach occurred after AZCIR filed a public records request for records of appeals filed by students over letter grades issued by the state Board of Education. On Oct….
SCOTUS Will Not Review CFAA Password Sharing Case
Jason C. Gavejian writes: The United State Supreme Court recently denied certiorari in Nosal v. United States, 16-1344, declining to weigh in on the scope of unauthorized access under the Computer Fraud and Abuse Act (“CFAA”). The Ninth Circuit held in Nosal that David Nosal violated the CFAA by using his past assistant’s password to…
Feds indict AlphaBay’s PR man
Cyrus Farivar reports: A 24-year-old man from Illinois has been accused by federal prosecutors of being the spokesman for AlphaBay, the now-defunct online drug marketplace. On Wednesday, Ronald L. Wheeler III of Streamwood, Ill. was charged in federal court in Atlanta with “conspiracy to commit access device fraud,” according to the Associated Press. Read more…
UK: Nursing auxiliary fined for unlawfully accessing patient records
And while we’re talking about insider breaches, here’s a case from the U.K. From the Information Commissioner’s Office: A nursing auxiliary has been fined for accessing a patient’s medical records without a valid legal reason. Marian Waddell, 61, was working at the Royal Gwent Hospital in Newport when she unlawfully accessed the records of the…
Ca: Pharmacist Given Conditional Sentence for Health Information Breaches
Protenus’s monthly breach barometer reports attempt to hammer home the need to address and prevent insider breaches. The problem is not unique to the U.S.. Here’s a recent case out of Canada: A pharmacist pleaded guilty to accessing health information in contravention of the Health Information Act (HIA) and received a conditional sentence order on October 16,…
Cyta fined for allowing employee to leak personal data
State owned telecommunications authority (Cyta) was fined on Wednesday €10,000 for violating personal data, after an employee gave confidential data of over 200 customers to a retired police officer. The fine was handed down by the commissioner for personal data protection, Irini Loizidou. Read more on Cyprus Mail.