There’s been an arrest in the Kido school cyberattack incident. itvX reports: Two people have been arrested after hackers stole information about thousands of children from a nursery chain. Two men aged 17 and 22 were arrested in Bishop’s Stortford, Hertfordshire, on suspicion of computer misuse and blackmail, the Metropolitan Police said. They remain in…
California hospitals can escape fines if workers expose patient info
Scott Holland reports that a California state appeals court agreed with a hospital that it should not be held liable for employee misbehavior if they had a clear policy in place but the employee knowingly violated it: A state appeals panel has agreed hospitals can’t be sued if one of their employees posts confidential patient…
Harris Health discloses insider-wrongdoing breach that went on for a decade
Here is today’s reminder of the insider threat and why it may be challenging, but it’s still necessary, to monitor and audit employee access to patient records to spot any inappropriate access. Harris Health is notifying more than 5,000 patients that an employee — who was fired and referred to law enforcement when their wrongdoing…
Developing: Salesforce data leak site being seized? Looks like it.
I am guessing that the breachforums[.]hn leak site for ScatteredLAPSUS$Hunters is in the process of being seized. A whois lookup now shows that the name servers have been changed to hans.ns.cloudflare.com and surina.ns.cloudflare.com, which I am guessing are government accounts. The onion site appears intact. This post will be updated as the situation evolves.
I called American Income Life Insurance to alert them to a data breach involving 150,000 customers. Here’s why they didn’t find out.
Paging the Federal Trade Commission to Aisle 5…. The Federal Trade Commission has repeatedly emphasized the importance of having a mechanism in place to receive data security alerts or concerns. American Income Life Insurance (“AILife”), headquartered in Waco, Texas, does not provide such information on its home page or anywhere else on the site that…
NSW gov contractor uploaded Excel spreadsheet of flood victims’ data to ChatGPT
Ry Crozier brings us today’s installment of the “No Need to Hack When It’s Leaking” Files The victims of the breach are applicants to the Northern Rivers Resilient Homes Program, under which the government is offering to either buy back flood-prone homes, contribute to the cost of rebuilding, or to improve resilience such as by elevating…