Dan Fumano reports: Sensitive patient data supplied to a Vancouver cannabis dispensary has been either mishandled or — according to the shop’s owner — stolen, a situation again highlighting the cloud of confusion over the regulation of retail pot. […] A tipster recently contacted Postmedia to say he’d found a computer memory card in a…
UK: Midwifery assistant guilty of spying on 29 patients’ medical records from Harwich and Colchester
Vicky Gayle reports: A midwifery assistant who described herself as nosy snooped into 29 people’s medical records including a man who had taken an overdose and parents of her children’s friends. Brioney Woolfe was reported to the head of midwifery at Colchester General Hospital when someone discovered their medical records had been shared with her…
State juror pool data breach exposed Social Security numbers
Kieran Nicholson reported: A lapse in security at the Colorado Judicial Department led to information about jurors in Colorado, including Social Security numbers, being exposed on the internet for about a year. The state court administrator’s office was contacted July 27 by a person in Alaska who alerted state officials about the potential for massive…
Revenge Hacks Cost Former Employee 34 Months in Prison, $1.1 Million in Damages
There’s a follow-up on a case involving a vengeful former employee that I’ve previously noted. Catalin Cimpanu reports: Brian P. Johnson, 44, of Baton Rouge, Louisiana, will have to spend the next 34 months in federal prison and pay $1,134,828 in damages after hacking his former employer shortly after being fired. According to court documents,…
“Mr. Smith:” HBO offered $250,000 “bug bounty” to hackers
The HBO hackers apparently want us all to know that they weren’t bluffing when they said they would not play games or go along with delaying tactics. In a letter to HBO, described previously on this site, the hackers had written, “As we witnessed in other cases, Fucking FBI or other police enforcements, teach you…
How to report a data breach under the GDPR
Conor Donnelly writes: One of the main changes under the GDPR is that all organisations must report a personal data breach to their supervisory authority within 72 hours, and in some cases to the individuals affected. What is a personal data breach? A personal data breach refers to a breach of security that can lead…