The personal information of more than half a million Chicago Public Schools students and staff was compromised in a ransomware attack last December, but the vendor didn’t report it to the district until last month, officials said.
Media giant Nikkei Suffers Ransomware Attack
Media giant Nikkei’s Asian unit has been hit by a ransomware attack. While the extent of the attack and whether or not customer data was leaked is still unknown, Nikkei has been forced to shut down affected servers as they investigate further. This attack follows a 2019 incident where Nikkei lost $29 million in a single wire transfer due to a business email compromise scam.
UK fines Clearview just under $10M for privacy breaches
The UK’s data protection watchdog has confirmed a penalty for the controversial facial recognition company, Clearview AI — announcing a fine of just over £7.5 million today for a string of breaches of local privacy laws.
HHS Shares Information on Advanced Persistent Threat Groups Linked with the Russian Intelligence Services
The U.S. Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has issued a threat brief providing information on the cyber organizations of the Russian Intelligence Services which pose a threat to organizations in the United States, including the healthcare and public health (HPH) sector.
Virginia Finalizes CDPA Text With the Addition of Three Amendment Bills
The Connecticut governor has formally signed and passed An Act Concerning Personal Data Privacy and Online Monitoring (CPDA), making this law the fifth US state consumer privacy law. The CPDA goes into effect on July 1, 2023, and exempts nonprofits, qualifying covered entities, and business associates subject to the Health Insurance Portability and Accountability Act, and data in an employment or commercial B2B context.
DeKalb student newspaper exposes data leak in district’s online network
Thousands of files of student data — including Social Security numbers, medical records and academic transcripts — were exposed to all students and employees in the DeKalb County School District’s network, according to a high school student newspaper.
Personal information of 1.8 million Texans with Department of Insurance claims was exposed for years, audit says
The personal information of almost 2 million Texans who filed claims with the Texas Department of Insurance was exposed and publicly available for nearly three years, according to a state audit released last week.
Report spotlights vast scale of adtech’s ‘biggest data breach’
New data about the real-time-bidding (RTB) system’s use of web users’ info for tracking and ad targeting, released today by the Irish Council for Civil Liberties (ICCL), suggests Google and other key players in the high velocity, surveillance-based ad auction system are processing and passing people’s data billions of times per day.
Cyberattacks Reported by McKenzie Health System & Omnicell
McKenzie Health System in Sandusky, MI, has recently started notifying 25,318 patients that some of their protected health information has been stolen in a recent security incident which has caused disruption to the operations of some of its systems. On March 11, 2022, suspicious activity was detected within its IT systems. Steps were immediately taken to secure those systems and a third-party investigator was engaged to determine the nature and scope of the security breach.
Oklahoma City Indian Clinic Data Breach Affects 40,000 Individuals
This week, the Oklahoma City Indian Clinic (OKCIC) announced that it had suffered from a data breach that exposed personally identifiable information of roughly 40,000 individuals. The clinic identified a security incident that affected its computer system on May 12, according to a notice posted on the clinic’s website. The OKCIC also confirmed that they had enlisted the help of a third-party forensic firm to determine the full impact and scope of the security incident.