It’s a long list this month, but with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications. Maybe I’ll book June off.
This month’s list sees the usual mix of breaches and hacks, and as always is dominated by healthcare incidents.
One incident that really stands out is Equifax’s latest. The consumer credit reporting agency, which suffered a massive data breach in 2017 that exposed the personal information of nearly 150 million consumers, has been sending out the incorrect notification letters to a “small percentage” of those affected.
What is it they say? There’s no such thing as bad publicity?
This month’s total of leaked records is 72,611,721.
Cyber attack and ransomware
Leominster pays $10K in bitcoin ransom to undo cyberattack on schools
Center for Orthopaedic Specialists notifies 85,000 patients of ransomware attack
P.E.I. government website hit by ransomware attack
County Schools Testing Disrupted By Suspected Hacking
TaskRabbit Takes Down App and Website After Getting Hacked
Data breach
Three former Flint cops sold personal info of crash victims, feds claim
Vector shuts down app after privacy breach
Access Group notifies borrowers of data security incident
Data breach could impact some patients of medical lab chain with Alabama locations
Former gynecologist set to stand trial for patient privacy violations, lying to federal agents
Hong Kong broadband provider to revamp way it stores customer information after data breach
Transcription Service Leaked Medical Records
Halifax Excel program registration shut down because of ‘privacy breach’
Edison cop used police database to stalk ex, slash her tires, prosecutor says
Dubai’s Careem admits to data breach of 14 million users
TSB chaos after online banking data leak
Hacker sent email with 1,200 partial social security numbers to school staff
1,100 Hamilton residents’ emails compromised following data breach
SunTrust 1.5 million customers whose information may have been stolen by former employee
State of Illinois incorrectly mailed personal information of more than 4,000 people
Camp fYrefly notifies former participants, volunteers of data breach
Polk County Health Services notifies mental health patients of breach that began in 2014
How A Private Intelligence Platform Leaked 48 Million Personal Data Records
Texas Health Resources notifying patients about incident in 2017 that affected multiple entities
College Consultants’ Client Information Was Exposed on Web Servers
Guardian Jacksonville Notifies 11,521 Patients of Email Compromise of Protected Health Information
Hong Kong public hospital apologises after brain goes missing following autopsy
Personal information of 1 million potential college applicants ‘exposed inadvertently’
California Says Private Data for 600,000 People Exposed
Chesapeake Regional Healthcare notifies sleep center patients of medical record breach
Massive data leak from government ministries
Equifax has been sending some consumers hit by its data breach wrong letters
Financial information
Hackers stole his campaign cash, Sacramento lawmaker says
Victoria ISD notifies employees of breach involving their personal information
UnityPoint Health notifying patients of phishing attack
Mise En Place Restaurant Services, Inc. Notifies Clients, Individuals Following Cyberattack
Sodexo Filmology data breach – Users need cancel their credit cards
Data breach at military resort in Germany leaves soldiers open to identity theft
Delta, Sears, Kmart hit by data breach: What you need to know
Panerabread.com Leaks Millions of Customer Records
Fin7 Syndicate Hacks Saks Fifth Avenue and Lord & Taylor Stores
Other
Equifax has spent $242.7 million on its data breach so far
Hackers built a ‘master key’ for millions of hotel rooms
Hackers once stole a casino’s high-roller database through a thermometer in the lobby fish tank
Fighting back
Google accounts get new verification feature to prevent phishing attacks
Man who hacked Washtenaw County computers gets 7 years in prison
Former hospital worker prosecuted for inappropriately accessing patient records
Hello Lewis,
Curios any breach with poorly sanitised hdd, sdd, ssd ? It Asset Disposition