The Hamilton Spectator reports: Ontario’s former privacy commissioner is “enormously” concerned after the medical privacy of more than 200 patient records was breached within a Hamilton doctor’s office. The Hamilton Family Health Team — a nonprofit corporation that provides clinical and administrative assistance to 166 doctors — confirmed Tuesday that personal letters were sent out…
Data breach affects Frederick County schools (UPDATED)
WMAR reports: A data breach may have affected up to 1000 students at Frederick County Public Schools (FCPS) officials said. The breach impacted students who attended FCPS between November 2005 and November 2006. The breached information includes names, social security numbers and birth dates. AP adds important details that the breach was brought to the school…
UK: TalkTalk hacker who blackmailed company chief during year-long cyber crime spree faces jail
While a 17 year-old teen got a rehabilitation order and had his phone confiscated for his role in the TalkTalk hack and other cybercrimes, 19 year-old Daniel Kelley is likely facing real jail time for his role in the TalkTalk hack and other crimes. Emily Pennink and Sam Russell recap the blackmail and other crimes Kelley admitted to at hearing,…
EBA’s Proposed Guidelines Call for 2-Hour Notice of Data Breach
From PayBefore: The European Banking Authority (EBA) working with the European Central Bank (ECB) recently released a consultation paper on guidelines for payment service providers (PSPs) to follow in the event of security breaches. Among the suggested mandates is notifying authorities of an incident within two hours from the moment the breach is detected—that’s significantly faster than…
NJ family medicine practice notifying 4,277 patients after ransomware attack
Melissa Selke, MD, PC, a Family Medicine practice in New Jersey, issued a statement on December 2 concerning a hacking/ransomware incident. From the statement (.doc): On October 6, 2016, Dr. Selke discovered her information system had been infected with a virus that prohibited access to patient files. The integrity of the information system was immediately restored and…
Data enrichment records for 200 million people up for sale on the Darknet
Steve Ragan reports: Full data enrichment profiles for more than 200 million people have been placed up for sale on the Darknet. The person offering the files claims the data is from Experian, and is looking to get $600 for everything. Details of this incident came to Salted Hash via the secure drop at Peerlyst, where…