Sage Smiley reports: The American Civil Liberties Union of Alaska said that it uncovered a “massive” violation of medical privacy laws by a software company used by the Alaska Department of Corrections. But the software company at the center of the complaint claims that’s “false and misleading,” and that there was no breach of data…
600,000 Prison Inmates to Share in $6.49M Breach Settlement
Marianne Kolbasuk McGee A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records. The incident affected inmates who received medical care between January 2012 and July 2022…
Cyberattack hits Wayne County government; services affected as hacker demands ransom
Ross Jones reports: Wayne County government fell victim to a cyberattack Wednesday, according to sources, bringing some services to a standstill. It was not clear Wednesday who was behind the hack, but a source says the hacker made a financial demand of the county through ransomware. “The county information technology team is aware of a…
Ie: PSNI fined £750,000 for ‘egregious’ data breach
Ireland Live reports: The Police Service of Northern Ireland has been fined £750,000 for an “egregious” data breach in which the personal information of staff and officers was released. The Information Commissioner’s Office (ICO) fined the organisation for the “serious” breach that left many PSNI workers fearing for their safety and said “simple-to-implement” procedures could…
What to expect from the UK’s Cyber Security and Resilience Bill (and when)
Mark Young, Paul Maynard, and Tomos Griffiths of Covington and Burling write: The UK Government has announced that it intends to introduce the Cyber Security and Resilience Bill (the “Bill”) to Parliament in 2025. Formally proposed as part of the King’s Speech in July, this Bill is intended to strengthen the UK’s cross-sectoral cyber security legislation to better protect…
Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts
WASHINGTON – The Justice Department announced today the unsealing of a warrant authorizing the seizure of 41 internet domains used by Russian intelligence agents and their proxies to commit computer fraud and abuse in the United States. As an example of the Department’s commitment to public-private operational collaboration to disrupt such adversaries’ malicious cyber activities,…