Chris Jones and Nadia Pflaum of KUTV report: Dr. Judith Zimmerman knew she was fired for doing the right thing. She was the lead investigator on a research project on autism in children, which she spearheaded at the Utah Department of Health. She brought that project, and a very sensitive database of data, to the…
Cyber attack on UK’s Defence Academy had ‘significant’ impact, officer in charge at the time reveals
Deborah Haynes reports: A cyber attack – possibly by China or Russia – hit the academic arm of the UK’s Ministry of Defence and had a “significant” impact, the officer in charge at the time has revealed. Air Marshal Edward Stringer, who retired from the armed forces in August, said the “sophisticated” hack – discovered…
Review of U.S. State Law Developments in 2021
Madeline Salinas and Libbie Canter of Covington and Burling write: As we look ahead at 2022, we here provide a quick wrap-up of key developments for U.S. state privacy laws in the past year: California Privacy Protection Agency is appointed and commences rulemaking. In June, the new California Privacy Protection Agency (CPPA) held its inaugural public meeting,…
Morgan Stanley to pay $60 million to resolve data security lawsuit
Jonathan Stempel reports: Morgan Stanley agreed to pay $60 million to settle a lawsuit by customers who said the Wall Street bank exposed their personal data when it twice failed to properly retire some of its older information technology. A preliminary settlement of the proposed class action on behalf of about 15 million customers was…
Tokyo police lose 2 floppy disks containing personal info on 38 public housing applicants
Here’s one I missed, but luckily Zack Whittaker noted it in his weekly newsletter (and if you don’t get his newsletter, you should subscribe!) The Mainichi reported: The Metropolitan Police Department (MPD) has lost two floppy disks containing personal information on 38 people, the department announced on Dec. 27 The MPD said the floppy disks…
Out with the old, in with the new? Saltzer Health, Broward Health report data breaches impacting protected health information
Saltzer Health, Idaho As 2021 wound down, Saltzer Health in Idaho reported a breach it had discovered on June 1. According to their notification, an employee’s email account had been compromised. Investigation showed the access began on May 25. On December 29, Saltzer issued a notice that disclosed the incident and reported that the types…