On November 4, external counsel for Kearsarge Regional School District in New Hampshire notified the New Hampshire Attorney General’s Office about a data security breach. According to the notification, on August 27, the threat actor was able to access and possibly acquire a file containing information on 1,825 students enrolled in the district’s meal plan…
Shutterfly services disrupted by Conti ransomware attack
Lawrence Abrams reports: Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data. Although many associate Shutterfly with their website, the company’s photography-related services are aimed at consumer, enterprise, and education customers through various brands such as GrooveBook, BorrowLenses, Shutterfly.com, Snapfish, and Lifetouch. Read…
NZ: Privacy breach at Hutt Hospital as clinician leaves patient info on street
Missed this one from Matthew Tso on December 20, so let’s get caught up: A privacy breach involving the personal details of 36 Hutt Hospital patients occurred after four pages of information were dropped in the street. The incident occurred in November, with a letter from the Hutt Valley District Health Board to affected patients…
Computer containing vaccine data stolen in Brussels
The Brussels Times reports: Various computers, including one containing data on vaccinated persons, were stolen on the night of Monday to Tuesday from the Pacheco vaccination centre in Brussels, the Commission communautaire commune (Cocom -Joint Community Commission) said in a press release on Friday. “Cocom quickly took measures, in collaboration with the police, its information…
Merry Christmas 2021
It’s hard to believe another year has gone by, and it’s hard to think in terms of “Merry” when so many people have lost loved ones or are suffering this year, but here’s hoping you find some joy and happiness in this season — even if it’s just for a while. PogoWasRight.org and DataBreaches.net are…
Duneland School Corporation notifying employees and dependents of data breach
“Duneland School Corporation” sounds like it should be an education-related business but it’s actually a school district in Indiana. On October 27, they discovered that they had experienced a security incident that sounds like a ransomware attack. In a statement on their website, they note: Through our investigation, we determined that an unauthorized person obtained…