On November 3, Lakeside School provided a notification to the Massachusetts Attorney General’s Office about a data breach. Lakeside School is a private school for grades 5-12 in the Seattle, Washington area. Because Massachusetts does not require inclusion of the kinds of details this site reports, we have almost no information on this breach other…
A mailing error with troubling potential
We have all read about mailing errors by now. In fact, such errors are one of the biggest types of HIPAA breaches — providing one patient’s information to another, or a mail merge error, or something similar. But here’s a case in the U.K. that serves as a painful reminder that such breaches can have…
NJ: Spotswood Public Schools notifying 424 employees impacted by a ransomware incident
Here’s another k-12 data security incident that does not appear to have made news or to have been revealed on a school district’s website (at least as far as DataBreaches.net can determine): On behalf of Spotswood Public Schools in New Jersey, Baker & Hostetler notified the Maine Attorney General’s Office that Spotswood experienced a ransomware…
Episcopal Retirement Services suffered two ransomware attacks in a one-month period
It’s bad enough experiencing one ransomware attack. Imagine experiencing two, because that’s what Episcopal Retirement Services (ERS) in Ohio has been dealing with. On or about September 24, ERS discovered that i had been the victim of what it describes as a cyberattack that impacted its systems and servers. Then on October 22, they experienced…
US regulators order banks to report cyberattacks within 36 hours
Sergiu Gatlan reports: US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the…
California Pizza Kitchen spills over 100,000 employee Social Security numbers
Carly Page reports: California Pizza Kitchen (CPK) has revealed a data breach that exposed the Social Security numbers of more than 100,000 current and former employees. The U.S. pizza chain, which has more than 250 locations across 32 states, confirmed the incident in a data breach notification posted this week. The company said it learned of a…