Collaborate Disseminate
Stuart Woodward and Shivani Chaudhari report: A school has apologised for sending an email to parents which listed the personal data of 69 pupils who were being disciplined for bad behaviour. The principal at Ortu Gable Hall School in Corringham, Essex… Continue reading UK: Corringham school apologizes after sharing personal pupil data
Public Technology reports: The Ministry of Defence has been fined £350,000 over a data breach that divulged the identities of hundreds of Afghan nationals who worked for the UK government in Afghanistan. According to data watchdog the Information Commi… Continue reading MoD fined £350k over data breach that endangered lives of Afghan interpreters
Mariam Issimdar and Nikki Fox report: A hospital trust has apologized after private information on more than 22,000 patients was released in two breaches. The leaks – in 2020 and 2021 – concerned maternity and cancer patients at Addenbrooke… Continue reading Data breach by Addenbrooke’s Hospital reveals patient information
Carly Page reports: Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, res… Continue reading Millions of patient scans and health records spilling online thanks to decades-old protocol bug
Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity R… Continue reading DFS Announces $1 Million Cybersecurity Settlement With First American Title Insurance Company
Paulina Okunytė reports: KidSecurity, a popular parental control app that’s used to track children, has exposed its activity logs, leaving users’ private data in the hands of threat actors. With more than a million downloads on Google Play, KidSe… Continue reading KidSecurity’s user data compromised after app failed to set password
Jurgita Lapienytė reports: A Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records. The 2 TB-strong Kibana dashboard has been exposed for over two years. Cybernews researchers discovered it back in Ja… Continue reading Enterprise software provider Tmax leaks 2TB of data
DataBreaches would have passed over a listing on LockBit3.0’s site if Brett Callow hadn’t kindly called our attention to it. The listing by the threat actors was for HSKS Greenhalgh Chartered Accountants and Business Advisors, and LockBit … Continue reading A cyberattack on a U.K. accounting firm wound up leaking U.S. patient data. Now what?
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures. Today, we post another example of why we need to legislate and enforce data breach notification law… Continue reading Does claiming you were hacked when you had really just screwed up violate the FTC Act?
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York… Continue reading States settle with Morgan Stanley for $6.5 million over data security incidents