Cape Coral Breeze reports: Lee County Emergency Medical Services reports that on Aug. 4 staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services. Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014….
NYDFS Proposed Amendments to Its Cybersecurity Rules
Patrick H. Haggerty and Elise Elam of BakerHostetler write: On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification requirements such as a mandatory 24-hour notification for cyber ransom payments, specific requirements for…
AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach
Jonathan Greig reported: Telecommunications giant AT&T denied any connection to a database of stolen information that included the Social Security numbers of 23 million Americans. First reported by Brian Krebs, Milwaukee cybersecurity company Hold Security said it found a 3.6 GB file on a dark web platform that contained Social Security numbers and information belonging to…
Recent Cedar Rapids Schools letter to parents confirms ransom payment after cyberattack
KWWL reports: In a message to families and staff on Friday, the Cedar Rapids School District (CRCSD) said it paid a third-party entity in an attempt to stop vital information from being released during a recent cyber security incident. The letter sent to parents, viewable on KWWL’s site, says: As part of the process to…
Waterloo Region District School Board confirms ‘student information was accessed’ during July cyber incident
Chris Thomson reports: Waterloo Region’s public school board has confirmed that “certain student information was accessed” during a cyber incident last month. An email sent to Waterloo Region District School Board (WRDSB) students and families Friday evening stated that the board is still investigating “the full scope of the impact on student information” and will…
USAA Must Face Lawsuit Over Driver’s License Disclosures
Samantha Hawkins reports: United Services Automobile Association must face claims that it disclosed individuals’ driver’s license numbers to cybercriminals, after a federal judge in Manhattan refused to dismiss the suit. Vincent Doland and Christine Mapes sued the insurance company under the Driver’s Privacy Protection Act and New York State General Business Law, claiming that cybercriminals used…