From their notification: Illinois Gastroenterology Group, PLLC (“IGG”) is providing notice of a recent incident that may affect the security of certain individuals’ information. On October 22, 2021, IGG discovered unusual activity within its computer network. IGG immediately launched an investigation, with the assistance of third-party cybersecurity specialists, to determine the nature and scope of the…
Illuminate Education breach that affected NYC schools spreads to other districts
Benjamin Freed reports: A school district in Coventry, Connecticut, notified families of its students this week that students’ data may have been swept up in a breach of one of its vendors earlier this year. The breach-notification letter, dated Tuesday, stated that data belonging to the roughly 1,700 students enrolled in Coventry Public Schools may have…
Scott County, Iowa discloses data security incident
Seen on the county’s website, dated April 22, 2022: Notice of Data Privacy Event Scott County, Iowa (“Scott County”) is providing notice of a data privacy event. To date, we have no evidence of actual or attempted misuse of information as a result of this incident. In an abundance of caution, we are notifying potentially…
Cyber attack causes chaos in Costa Rica government systems
Javier Cordoba and Christopher Sherman report: Nearly a week into a ransomware attack that has crippled Costa Rican government computer systems, the country refused to pay a ransom as it struggled to implement workarounds and braced itself as hackers began publishing stolen information. The Russian-speaking Conti gang claimed responsibility for the attack, but the Costa…
Lewis and Clark Community College sends out notifications concerning ransomware incident
As reported previously, Lewis and Clark Community College was hit with a ransomware attack in November, 2021. They announced it immediately due to impact on the functioning of their systems, but it appears that they are just now issuing breach notification letters to individuals. Their notification letter says that information was encrypted but that there…
Edu-tech firm GeniusU fined $35,000 for data leak affecting 1.26m users
Rei Kurohei reports: GeniusU, a Singapore-based education technology company, has been fined $35,000 for a data breach that resulted in the theft of 1.26 million users’ personal data. The incident is one of the largest data breaches here in recent years, in terms of the number of users affected. Read more at The Straits Times. As…