I can almost hear Yogi Berra saying, “It’s deja vu all over again.” Lou Chibbaro Jr. reports: CVS Caremark, a division of the CVS pharmacy and healthcare company, abruptly discontinued a mailing last week to patients in Ohio receiving HIV-related medication from the company after it learned that a reference to “HIV” appeared above the…
Instagram alerts high-profile users their data may have been accessed
Selena Larson reports: Instagram is alerting high-profile users that someone could have accessed their phone number and email address through a bug in its software. In an email sent to verified users on Wednesday, Instagram said that no account passwords were accessed, and the bug has been fixed. It is reminding those people to use…
SC: Dorchester School District 2 says $2,900 ransom paid to recover data after server breach, but no identities stolen
Drew Tripp reports: Dorchester School District 2 officials say no student or staff member’s identity information was stolen or compromised in a ransomware attack on the district’s computer network servers over the summer, but that some files were corrupted and lost, and the district was forced to pay a ransom to regain access to other…
Watchdog pressed to probe post-data breach services
Morgan Chalfant reports: Democratic members of the House Energy and Commerce Committee are pressing a government watchdog to further investigate whether existing credit monitoring services do enough to protect consumers affected by data breaches. The Government Accountability Office (GAO) released a report in March on identity theft services offered by the federal government and private companies…
GAO to agencies: Stop using Social Security numbers for everything
There really is such as a thing as “obvious.” Isn’t there? Adam Stone reports: Federal agencies continue to over-collect, over-use and over-display Social Security numbers, leading to the an unnecessarily high risk of identity theft. That’s the latest from the U.S. Government Accountability Office. In a recent report GAO declares that a decade’s worth of…
UK: Nottinghamshire County Council fined £70,000 for data protection breach
From the Information Commissioner’s Office: A council has been fined £70,000 by the Information Commissioner’s Office (ICO) for leaving vulnerable people’s personal information exposed online for five years. The Data Protection Act requires organisations to take appropriate measures to keep personal data secure, especially when dealing with sensitive information. But Nottinghamshire County Council posted the…