Data Breach | SC Media

Data Breach

Phishing scam stings Oregon Dept. of Human Services, compromises emails containing resident data

By

The Oregon Department of Human Services (DHS) was the victim of a phishing campaign earlier this year, resulting in a data breach that reportedly involves the records of up to 1.6 million state residents. According to a March 21 Oregon DHS press release, the incident took place last Jan. 8, when nine separate agency employees…

Report: Chinese e-retailer Gearbest leaves database exposed, endangering 1.5 million records

By

The parent company of Chinese e-retailing giant Gearbest has been operating a completely unsecured corporate database, leaving roughly 1.5 million customer records unencrypted and exposed to the public, a new report warns. Led by white-hat hacker Noam Rotem, researchers from VPNMentor revealed the security issue after discovering they were able to access Gearbest’s customer, order,…

Senate building

Senators propose they too should report when breached

By

Senators Ron Wyden, D-Ore., and Tom Cotton, R-Ark., are calling for senators to report if they have been hacked at the end of each year. The duo pointed out that the Senate is considered a “prime target” for cyber breaches noting that several high profile cyberattacks have already been carried out against government agencies including…

EU GDPR gavel thinkstock

Companies unable to meet stringent GDPR data breach reporting requirements

By

The first anniversary of GDPR going into effect is on the horizon, but one study has found that companies are rarely able to meet the reporting demands set by the legislation. A report by the cybersecurity firm Redscan, based on data received through a Freedom of Information request in the UK, found neither breach detection…

Ransomware attack pays off as Delaware Guidance Services gives in to criminals

By

The Delaware Guidance Services (DGS) for Children and Youth is the latest organization to pay off the cybercriminals who locked up their network with a ransomware attack. The Dover, Del., based organization said in a letter to its patients and guardians that the attack took place on December 25, 2018. Files containing personal information, such…

leakplumbing_863980

Dozens of high-profile Box accounts found leaking sensitive data

By

Adversis researchers have discovered that dozens of companies have leaked sensitive data as a result of misconfigured Box accounts. Box is a cloud based “content management platform” primarily used to share files and folders and similar to AWS S3 buckets. The files can be shared to anyone with the link, restricted to those within a…

Palisades Park receives $200,000 advance after cyberattack

By

As proof that not all cyberattacks leave victims broke and out of luck, the New Jersey borough of Palisades Park received a $200,000 advancement on its insurance claim this week after a breach at Mariner’s Bank, based in the nearby town of Edgewater, drained nearly half a million dollars from its accounts. Last month, a…

Hospital

Breach could impact roughly 326,000 UConn Health patients

By

An unauthorized party accessed the email accounts of several UConn Health employees last Christmas Eve, in a data breach that reportedly may affect up to roughly 326,000 patients. In an online disclosure, the Connecticut-based academic medical center revealed that the breached data includes, names, dates of birth, addresses and “limited medical information such as billing…

Next post in Security News