CORRECTION AND UPDATE: DataBreaches has been contacted by a spokesperson for Delaware Health Information Network who says that they were not the party responsible for this breach and this site should not have linked to them and should have linked to Delaware Health Net if they were the responsible party. DataBreaches checked the medical center’s…
High school changes every student’s password to ‘Ch@ngeme!’
File this in your “You did WHAT?!” file. Lorenzo Franceschi-Bicchierai reports that after a cybersecurity audit mistakenly reset everyone’s password, Oak Park and River Forest High School in Illinois did a global replace, changing all students’ passwords to “Ch@ngeme!” to prompt them to change their password. What could possibly go wrong if you now know…
Costs of some 2022 ransomware attacks: Whitworth University hit with federal lawsuit, Little Rock School District tallies its costs
Whitworth University may start experiencing more legal costs stemming from a ransomware attack in 2022. Kip Hill reports: A Whitworth University student is asking a federal judge to approve a class action against the school for damages stemming from a ransomware attack discovered in July 2022 that affected more than 65,500 people. The lawsuit, filed…
More than a million NHS patients’ details compromised after cyber attack
Rebecca Thomas reports: NHS details of more than a million patients have been compromised in a cyber attack, senior health chiefs have been warned. A recent ransomware attack on the University of Manchester affected an NHS patient data set which holds information on 1.1 million patients across 200 hospitals, leaks to The Independent have confirmed. Among the details potentially exposed…
Lawyer censured for using TeamViewer to snoop on former firm’s business activity
Here’s your reminder for today about the insider threat. Debra Cassens Weiss reports: A lawyer in Cherry Hill, New Jersey, has been censured after acknowledging that he “fell into stupid” and accessed his former law firm’s computer system to monitor his former partner’s business activity. The New Jersey Supreme Court censured lawyer Justin L. Scott…
Pilot Applicant Information for American, Southwest Hacked
Nate Nelson reports: Hackers breached a database maintained by Pilot Credentials, a recruiting company based in Austin, Texas, resulting in the theft of personal information from more than 8,000 pilot applicants for American Airlines and Southwest Airlines. The compromised data includes names, birth dates, Social Security and passport numbers, as well as driver- and pilot-license…