Evan Perez and Shimon Prokupecz report: Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation. While the White House has said the breach only ever affected an unclassified system, that description…
Where Stolen Data Goes After Breach: An Experiment
Michael Perrault reports: Where does stolen data go after a breach? Silicon Valley-based data protection company Bitglass conducted an experiment showing that a single stolen document, with multiple data, traveled to 22 countries, was viewed 1,081 times and was downloaded 47 times over a dozen days. Some activity was connected to crime syndicates in Nigeria…
FL: Broward Sheriff’s Office used restricted federal crime databases to investigate civil jurors
Bob Norman reports on what sounds like misuse of crime databases by the Broward Sheriff’s Office (BSO): Juror No. 6 said she was just doing her civic duty in the trial of Broward Sheriff’s Office whistleblower Jeffrey Kogan, which ended in the deputy’s favor. But now, Broward Sheriff Scott Israel is accusing her of misconduct…
University of California – Riverside notifying 8,000 whose SSNs were on stolen desktop
Mark Muckenfuss reports UC Riverside officials are notifying 8,000 graduate students and graduate applicants that their personal identity information is at risk. A desk-top computer stolen during a break-in at the campus’ graduate division offices March 13, contained the Social Security numbers of the students and potential students. Officials said they had no evidence that…
OK: EyeCare of Bartlesville notifies patients after hard drive locked by malware
EyeCare of Bartlesville in Oklahoma reported a breach to HHS on March 13 that appeared on HHS’s public breach tool on March 19. There was no notice on their web site that I could find at that time. Nor could I locate any public notices via a Google search. The incident was coded on HHS’s breach tool as a…
NJ: Court dismisses breach lawsuit against Horizon Blue Cross Blue Shield
In December, 2013, Horizon Blue Cross Blue Shield of New Jersey notified almost 840,000 members that their protected health information was on laptops stolen from the insurer’s Newark headquarters on November 1, 2013. At the time, Horizon BCBS reported that the laptops were password-protected, but the data were unencrypted, and After a detailed review with…