Patrick Howell O’Neill reports: Just days after the fatal shooting of a black man by Baton Rouge police prompted international outrage and a Justice Department investigation, the Baton Rouge city government’s servers have been “hacked” and 50,000 city police records leaked online including names, addresses, emails, and phone numbers. A hacker named @0x2Taylor claimed responsibility…
Update: More than 1,000 Wendy’s stores were compromised
Remember when Wendy’s updated its breach disclosure in May to report that it was 300 stores impacted? They subsequently revealed that they had found two types of malware and the number of impacted stores could be “considerably higher.” Well, now it’s 1,025 stores. Here’s their statement from today: As we have reported over the past several…
NEW: Monthly stats for health/med breaches
People have often asked me if I compile stats on the reports on my site. I haven’t, but am pleased to announce that I am now collaborating with Protenus to help them provide monthly stats for U.S. breaches involving health/medical data. You can read their first blog post on June incidents here. Here’s a snippet…
European Parliament Adopts Directive on Security of Network and Information Systems
Hunton & Williams writes: On July 6, 2016, the European Parliament adopted the Directive on Security of Network and Information Systems (the “NIS Directive”), which will come into force in August 2016. EU Member States will have 21 months to transpose the NIS Directive into their national laws. The NIS Directive is part of the…
UK: Information Commissioner to investigate after Hywel Dda Health Board nurse accessed patient records
The Milford Mercury reports: More than 3,000 Hywel Dda patient records, including test results and doctor’s letters, have been accessed “inappropriately” by a hospital nurse over a period stretching back at least two years, the health board has said. The nurse, who has not been named, was based at West Wales General Hospital, Glangwili, in Carmarthen,…
Password-sharing case divides Ninth Circuit in Nosal II
Orin Kerr writes: The Ninth Circuit has handed down United States v. Nosal (“Nosal II“), a case on the scope of the Computer Fraud and Abuse Act that I blogged about here and here. The court held 2-1 that former employees of a company who had their company accounts revoked violated the CFAA when they subsequently…