Duane Morris writes: The Department of Education has issued an electronic notice relating to the updated cybersecurity regulations published by the Federal Trade Commission (FTC). On December 9, 2021, the FTC amended the Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA). This comprehensive amendment updated data security requirements for financial institutions, including all Title IV institutions of higher…
Oops! ‘Phishing’ scam cost small Ohio city $219,000, finance director his job
Dean Narciso reports: Phishing-scam training has become a commonplace requirement in many workplaces these days. But not everyone is adhering to its lessons. When emails from a fake paving company landed in the inbox of an accounting assistant working for a small Ohio city last month, the assistant was hooked. The author pretended to be an existing vendor and persuaded…
Weeklong ransomware attack on Oakland government drags on
Da Lin reports: OAKLAND – 10 days after the City of Oakland experienced a ransomware attack, many of its departments remain shut down to the public. Emergency services like police and fire are operational. The lobby at the Oakland Police Department is one of few places still open to the public, but there are signs…
U.K.: NHS call center advisor found guilty of accessing medical records illegally
From the ICO, this press release: A former 111 call centre advisor has been found guilty and fined for illegally accessing the medical records of a child and his family. Martin Swan, 56, from Pinner, London, worked as a service advisor at the NHS 111 call centre in Southall when he illegally accessed the records….
UK: Lancashire County Council has referred itself following a data breach
Amy Farnworth reports: Lancashire County Council has referred itself to the Information Commissioner’s Office following a data breach involving its new HR and finance system. At this point there is no evidence that personal data has been publicly available, only that this information has been visible to internal users should someone want to find it….
Scots cancer patient hits out after major data breach of medical records at NHS Lothian by staff member
Sarah Vesty reports: A Scots cancer patient had hit out after discovering his confidential medical records were ‘inappropriately’ accessed by a member of NHS Lothian staff amid a major data breach. Martin Laing received a letter from the health board last week informing him of the incident, which is understood to have affected around 90 people. The 57-year-old, who…