Kylie Bielby reports: The Office of Inspector General (OIG) says U.S. Citizenship and Immigration Services (USCIS) did not apply the access controls needed to restrict unnecessary access to its systems, networks, and information. Access controls help to limit individuals from gaining inappropriate access to systems or data. But an OIG audit has found that USCIS…
Kansas school district pulls messaging app after data breach
KWCH reports: Andover Public Schools said it has pulled the popular messaging app, Seesaw after the app was hacked. According to the Seesaw website, the app is used by 10 million teachers, students and family members, but the company declined to say how many users were affected by the hack. In a letter to parents,…
Breach of software maker used to backdoor ecommerce servers
Dan Goodin reports: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig’s systems…
Tax fraud ring leader jailed for selling children’s stolen identities
Sergiu Gatlan reports: The owner of a fraudulent tax preparation business, Ariel Jimenez, was sentenced to 12 years in prison for selling the stolen identities of thousands of children on welfare and helping “customers” to falsely claim tax credits, causing tens of millions of dollars in tax loss. His “customers” used the stolen identity info…
Federal Court holds nonprofit health center is immune from data breach class action
Daniel Rockey of Bryan Cave Leighton Paisner writes: In a case of first impression, the United States District Court for the Southern District of California granted the motion of Defendant Neighborhood Healthcare seeking order compelling the United States to defend a putative class action lawsuit alleging that Neighborhood failed to ensure the confidentiality of her…
Buenos Aires legislature announces ransomware attack
Jonathan Greig reports: The legislature of Argentina’s capital city announced a ransomware attack this week, saying that its internal operating systems were compromised and WiFi connectivity was down. In several tweets, the account for the legislature of Buenos Aires said the attack began on Sunday and took down the building’s WiFi network, among other systems….