Scott Ikeda reports: Many criminal hacking gangs originate from Russia and nearby points in Eastern Europe, and their ransomware and malware is sometimes found with settings that automatically disable it if regional languages are set on the target computer. An open source project maintainer essentially did the opposite in protest of the war in Ukraine,…
Data of 820,000 NYC students compromised in hack of online grading system: Education Dept.
Michael Elsen-Rooney reports: Personal data for roughly 820,000 current and former New York City public school students was compromised in the hack of a widely-used online grading and attendance system earlier this year, city Education Department officials said Friday, revealing what could be the largest-ever breach of K-12 student data in the U.S. Furious city…
Weekend update: Christie Clinic, CSI Laboratories report breaches
Christie Business Holdings Company, P.C. (“Christie Clinic”) in Illinois Christie Business Holdings Company, P.C. (“Christie Clinic”) in Illinois issued a breach notice that is also prominently posted on their website. According to their notice, an unauthorized actor gained access to their system between July 14, 2021 and August 19, 2021. The unauthorized actor did not…
Trial starts next week in case of law firm sued by insurer for not disclosing thedarkoverlord hack
A trial involving a lawsuit against a law firm that was hacked in 2016 and paid extortion to thedarkoverlord but never notified their clients of the breach starts next week in Missouri. For some of the background, see previous coverage on this site: Missouri law firm sued by insurer for not disclosing 2016 hack by…
Mansfield company hacked, personal information stolen
Oops — I missed this one last week. George W. Rhodes reported: The computer system of a Mansfield company that does background checks for employers was hacked and the perpetrators got away with the personal information of 164,000 people. Creative Services Inc., located on Pratt Street, was hit by hackers in November, according to The…
Ph: Fines for data privacy breach capped at P5 million
Ranier Allan Ronda reports: The National Privacy Commission (NPC) has set a ceiling of P5 million on fines imposed on data privacy violators, following a revision of its penalty system based on public consultations. The NPC presented its revised schedule of administrative fines set under the updated Circular on Administrative Fines and the scope of…