Martin Bilbao reports: The city of Tenino fell victim to a fraudulent scheme that cost it $280,309 in public funds, according to the Washington State Auditor’s Office. Former Clerk Treasurer John Millard initiated 20 automated clearing house payments from the city’s bank account to multiple out-of-state bank accounts from March 19 to May 4, 2020, per…
Hackers disrupt payroll for thousands of employers — including hospitals
Becky Sullivan reports that the Kronos ransomware incident continues to disrupt payroll for employees around the country: A month-old ransomware attack is still causing administrative chaos for millions of people, including 20,000 public transit workers in the New York City metro area, public service workers in Cleveland, employees of FedEx and Whole Foods, and medical…
Ex-hospital worker arrested in South Georgia Medical Center data breach
Terry Richards reports: A former hospital employee has been arrested in a November data breach case at South Georgia Medical Center, officials said. Ronald Dean, the hospital’s president and chief executive officer, said Thursday a worker “left employment” with SGMC Nov. 11. On Nov. 12, security software put out an alert that there had been…
North Korean hackers stole nearly $400 million in crypto last year
Andy Greenberg reports: The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it’s no surprise that the relentless North Korean hackers who feed off that booming crypto economy had a very good year as well. North Korean…
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
Background information Date of final decision: 9 December 2021 National case Controller: Warsaw University of Technology Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), Security of processing (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, security, data protection Summary of…
The definitions of “recently” and “discovered” leave a lot to be desired
In March, 2021, Family Health Services MN d/b/a Entira Family Clinics notified the Maryland Attorney General’s Office that they had been impacted by the Netgain ransomware attack that affected more than one dozen covered entities and more than 1 million patients. Entira’s external counsel’s letter of March 1, 2021, identified the dates upon which Netgain…