Sergiu Gatlan reports: The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals. As revealed in a notice of data breach sent to affected people, an attacker breached the city’s network and exfiltrated an undisclosed number of files containing sensitive information. Read more at Bleeping Computer.
Hundreds of students have personal emails exposed in data breach at University of Limerick
Donal Macnamee reports: Hundreds of people had their personal email addresses exposed in a significant data breach at the University of Limerick (UL), the Business Post has learned. The incident, which took place in August, impacted Central Applications Office (CAO) applicants considering studying at the university, and has been referred to the Data Protection Commission (DPC). Read…
Hospital That Disclosed Health Data to Foundation Wins Appeal
Christopher Brown reports: A hospital’s disclosure of patient health information to its charitable foundation didn’t violate the Minnesota Health Records Act, a state appellate court ruled. The MHRA permits disclosures of a patient’s health records without the patient’s consent when the disclosure is authorized in federal regulations, the Minnesota Court of Appeals said. Read more at…
Russian-speaking hackers knock US state government websites offline
Sean Lyngaas reports: Russian-speaking hackers on Wednesday claimed responsibility for knocking offline state government websites in Colorado, Kentucky and Mississippi, among other states — the latest example of apparent politically motivated hacking following Russia’s invasion of Ukraine. The Kentucky Board of Elections’ website, which posts information on how to register to vote, was also temporarily offline…
HSE hack victims who had personal information stolen have not been told they were targets
Ferghal Blaney reports: Hacking victims who had their personal information stolen during the HSE ransomware attack last year have not been told they were targeted. It’s a legal requirement for the health authority’s IT management to inform them under GDPR rules. The HSE said in a statement that it was taking time to get through all of the…
CHI Health faces ‘IT security incident’ impacting Omaha-area online systems
Molly Ashford reports: CHI Health locations in Omaha are dealing with an “IT security incident” affecting electronic health records and other systems, a spokeswoman said Monday. According to Taylor Miller, CHI’s parent company, CommonSpirit Health, was the victim of the security incident that is impacting facilities across the country. She said some information technology systems…