James Bradshaw reports: A 2017 data breach that exposed personal information belonging to more than 113,000 Bank of Montreal customers exploited “significant weaknesses” in the bank’s safeguards that have since been strengthened, according to a report from the Privacy Commissioner of Canada. BMO previously disclosed the breach in May, 2018, after receiving a ransom demand…
Arrest in Romania of a ransomware affiliate scavenging for sensitive data
The following is a press release: Europol’s European Cybercrime Centre (EC3) has supported the Romanian National Police (Poliția Română) and the US Federal Bureau of Investigation (FBI) in arresting a ransomware affiliate targeting high-profile organisations and companies for their sensitive data. The suspect – a 41-year-old Romanian national – was arrested today at his home in Craiova, Romania, in the early hours…
Woman finds medical records stacked next to recycling bin in Sharpstown neighborhood
Re’Chelle Turner reports: A woman said she discovered medical records, which included private information, which was left in the middle of a southwest Houston neighborhood. “I was shocked with all the HIPPA [sic] rules now. I was very surprised,” she said. The woman, who did not want to be identified, said she saw something unusual…
MA: Northeastern Cancels Vaccination Clinics After Third-Party Information Leak
Jay Willett reports: COVID-19 vaccination clinics scheduled on Northeastern University’s Boston campus have been cancelled following the discovery of registrants’ personal information being exposed by Pelmeds, a third-party vaccine provider. In a statement shared with WBZ NewsRadio, Northeastern said that the information was present on Pelmeds’ website. “As soon as the university became aware of…
Volvo had some R&D data stolen in security breach
Kirsten Korosec reports: Volvo Cars is investigating a cybersecurity breach and theft of a limited amount of the company’s research and development data. The data breach was reported Friday by the Swedish automaker. The company said one of its file repositories had been illegally accessed by a third party. Investigations have revealed that a “limited…
Optometry services provider and specialty pharmacy services both report breaches
As many people left for the weekend or were thinking about holiday shopping, two more HIPAA-covered entities disclosed breaches involving protected health information (PHI): optometry services provider Simon Eye Management and specialty pharmacy services provider BioPlus Specialty Pharmacy Services, LLC. Neither disclosure, described below, reported any malware or ransomware component to their breaches. By the…