Graham Cluley writes: Southern Oregon University has announced that it is the latest organization to fall victim to a business email compromise (BEC) attack after fraudsters tricked the educational establishment into transferring money into a bank account under their control. According to media reports, the university fell for the scam in late April when it…
Deeper Dive: Clapper Divide Expands In Data Breach Cases
Sean McIntyre reports: As reported in our 2017 Data Security Incident Response Report, plaintiffs allege potential future harm as a basis for injury in 80 percent of data breach lawsuits. But are allegations of future harm sufficient to meet Article III’s cases-and-controversies requirement, specifically with regard to the injury-in-fact element of standing? Despite the prevalence…
HHS is considering changes to OCR’s ‘wall of shame’—and experts are divided on the impact
Evan Sweeney reports: The Department of Health and Human Services is exploring potential changes to the agency’s “wall of shame,” a legislatively mandated website that tracks healthcare data breaches dating back to 2009. During a hearing addressing cybersecurity concerns in healthcare last week, Leo Scanlon, deputy chief information security officer at HHS, told Rep. Michael…
Oklahoma U. shuts down file sharing service after failing to protect thousands of students’ records
Dana Branham reports: OU unintentionally exposed thousands of students’ educational records — including social security numbers, financial aid information and grades in records dating to at least 2002 — through lax privacy settings in a campus file-sharing network, violating federal law. The university scrambled to safeguard the files late Tuesday after learning The Daily had…
Personal data from Cowboys Casino hack surfaces online
Back in June, 2016, Cowboys Casino announced it was investigating a data breach that impacted employee and corporate data, including customer data. Today, Brodie Thomas reports that personal information acquired by the hackers last year has appeared online. The anonymous hackers, who released about 484 megabytes of documents online via a torrent site, left a…
Oops. Tata dev accidentally leaked banks’ code on public GitHub repo
Iain Thomson reports: Staff at Indian outsourcing biz Tata Consultancy Service uploaded a huge trove of financial institutions’ source code and internal documents to a public GitHub repository, an IT expert has claimed. Jason Coulls, CTO of food safety testing company Tellspec and a former banking software developer, said he stumbled upon the collection of…