Cianan Brennan reports: Dublin’s Education and Training Board (CDETB) has been fined €125,000 by the Data Protection Commission after the personal details of 13,000 grant applicants were made available to “unauthorised persons”. The commission concluded after a six-year investigation that the ETB had breached GDPR in multiple ways by both failing to ensure sufficient security…
From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math
More great reporting and analysis by Therese Defino of the Health Care Compliance Association (HCCA): A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different hospital…
Liberty Township in Ohio has recovered its network after a ransomware attack
With so many cyberattacks being disclosed every day, a lof ot them never get reported on in the media. That’s not necessarily a bad thing, but some of them do contain sensitive personal information or could expose people — or the entity itself — to increased risk of future attacks. One such incident involved Liberty Township…
Marquette County Medical Care Facility discloses data breach
Marquette County Medical Care Facility (MCMCF) has issued a statement about a breach they discovered in March 2025. On March 3, 2025, MCMCF became aware of the business email compromise incident when contacts of MCMCF’s Human Resources director began receiving phishing emails from her Microsoft Office 365 (O365) account. The types of information involved included…
Industry Letter – June 23, 2025: Impact to Financial Sector of Ongoing Global Conflicts
From: New York State Department of Financial Services To: All Individuals and Entities Regulated by the New York State Department of Financial Services Re: Impact to Financial Sector of Ongoing Global Conflicts The New York State Department of Financial Services (the “Department”) is issuing this guidance (“Guidance”) to all individuals and entities regulated by the…
MNGI Digestive Health settles class action lawsuit stemming from BlackCat attack
MNGI Digestive Health, a multi-location gastroenterology practice in Minnesota, received preliminary court approval on May 7 to settle a class action lawsuit stemming from an August 2023 cyberattack. The incident was first reported on DataBreaches on September 25, 2023, but had been discovered by MNGI on August 25, 2023, after the BlackCat (AlphV) ransomware gang…