Barbara Christiansen reports: Employees of the Provo City School District may have an extra concern facing them as the district has discovered a data breach. There was a phishing attack and someone gained access to an employee’s email account. That account contained files with sensitive, personal identification information for about half of the district’s employees….
California Amends Data Breach Notification Law, Does Not Require Mandatory Offering of Credit Monitoring
Andrew Hoffman writes: California Governor Jerry Brown signed into law an amendment to California’s data breach notification law on Monday. Although at least one news outlet has reported that the law requires a company to offer credit monitoring services, this interpretation is misguided. Rather, the law only places restrictions on certain companies if they choose to offer identity theft prevention and…
Cedars-Sinai revises breach estimate in stolen laptop case; over 33,000 patients impacted
Cedars-Sinai has updated its breach disclosure to indicate that 33, 136 patients had protected health information on a laptop stolen from an employee’s home this summer. Read more on Los Angeles Times.
Over 90 million hacker attacks registered in Russian Internet since 2010
TASS reports: More than 90 million hacker attacks have been registered in the Russian segment of the Internet since 2010, Secretary of the Russian Security Council Nikolay Patrushev said on Wednesday. “There have been 57 million attacks since 2014 and approximately 90 million attacks since 2010,” Patrushev told journalists. Russia’s Security Council did not discuss nationalization…
Hacked security plugin firm stored customer passwords in plaintext. Seriously?
Graham Cluley writes: … from time to time, firms find themselves in the position of admitting that they have messed up massively with potentially disastrous consequences for their business and their innocent customers. What makes it even worse, however, is when the company that has fallen woefully short really should have known better. One such company which…
UK: Northmavine parents lodge SIC privacy complaint
Neil Riddell reports: Parents in Northmavine have lodged a formal complaint about what they describe as a “blatant breach” of data protection during a school closure consultation, and are calling on Shetland Islands Council to “ensure our privacy is taken seriously”. Last week the local authority issued an apology after personal details relating to “a small number of…