Kristian Silva reports: Hackers have targeted a school photography company, with fraudsters making transactions around the world using the credit card details of Queensland parents. Queensland School Photography began emailing students’ parents on Thursday to warn of the hack, but it was not clear how widespread the security breach is or how much was stolen….
US military leak exposes ‘holy grail’ of security clearance files
Zack Whittaker reports: A unsecured backup drive has exposed thousands of US Air Force documents, including highly sensitive personnel files on senior and high-ranking officers. Security researchers found that the gigabytes of files were accessible to anyone because the internet-connected backup drive was not password protected. The files, reviewed by ZDNet, contained a range of…
Cuban national accused in UPMC tax-return scheme plans guilty plea
Torsten Ove reports: A Cuban national extradited last summer from Venezuela to face charges that he used hundreds of stolen UPMC employee identifications to file bogus tax returns for millions in refunds is prepared to admit to his crimes. Yoandy Perez Llanes, 32, and his public defender filed notice Monday that he will enter a…
Summit Reinsurance issues notice of breach discovered in August
Regular readers will realize that I’ve been reporting on the Summit Reinsurance breach since it first appeared in a covered entity’s disclosure back in November. Since then, I’ve been compiling and/or reporting on other entities affected by the ransomware attack that they discovered August 8, 2016. So seven months after discovery, they are first issuing a public…
UK: Nurse inappropriately accessed patient records for three years
STV reports: A night-shift nurse accessed the medical records of a colleague who was on sick leave. Lorraine Mcintosh faced disciplinary proceedings over her actions, which came to light when she was overheard discussing “blood test results and the reason for sick leave of another staff member” with a fellow employee. The nurse, who had…
Thousands of Welsh NHS staff’s data stolen in hack
BBC reports: Details of thousands of medical staff in Wales have been stolen from a private contractor’s computer server. Names, dates of birth, radiation doses and National Insurance numbers of staff who work with X-rays were copied as hackers accessed Landauer’s system. The Welsh NHS described the data breach as “deeply disappointing” and it has…