GDPR Services report 13 Private Data breaches
– Week 25, 2019 –
This is a curated list about last week’s latest news from by our GDPR Services. Be informed about the latest 13 Private Data breaches, identified and reported publicly during Week 25, 2019.
As these Private Data breaches have a severe negative impact on any business and highly serious legal consequences, consider a these GDPR Service packages: on-demand GDPR COMPLIANCE or a recurrent monthly service of GDPR COMPLIANCE ADD-ON together with your dedicated data protection OFFICER package.
- A state-by-state comparison of the top data breaches has been assembled.
- Since 2008, there have been nearly 10,000 of them, exposing 10 billion records. They coordinate with overall population numbers: South Dakota, North Dakota, Wyoming, West Virginia, and Hawaii suffered the fewest ones, and California and New York the most. Which states have the most data breaches? Data breaches by US state
- xSocial Media, a Florida-based ad agency left their database open and leaked Private Data.
- The leaked details from their database included sensitive details about medical malpractice cases, and combat injuries sustained by US military veterans. Bank accounts were also part of the leak. Report: Medical Data Leaked for Hundreds of Thousands of Users (including US Veterans)
- Canada’s largest credit union Desjardins apparently was compromised by a phishing attack, the company confirmed.
- Private data of nearly 3 million of its members and business partners was leaked online. Passwords, security questions, and PINs weren’t part of the leak, however. Users will receive a year of free credit monitoring. Important message for our members June 20, 2019 – 2:00 pm
- Ransomware continues to make news this week.
- There were two major attacks recently reported: First the Brookside ENT hearing clinic in Michigan closed after a ransomware attack encrypted all of its computerized medical records in April. The attackers demanded $6,500 and the owners decided not to pay. Second, the trucking company A. Duie Pyle was also hit more recently with ransomware. The company was able to quickly restore many systems, although a few portions of their website remained offline. Michigan Practice to Shutter after Hackers Delete Patient Files and Pennsylvania trucking company falls victim to ransomware attack
- Oregon State University has discovered a breach from last month that compromised hundreds of students’ private data.
- Free credit monitoring has been offered. Oregon State University (OSU) Discloses Data Breach
- Seven million Venmo instant P2P payment transactions have been copied over a six-month period by a CS student and posted to Github.
- The issue is there isn’t any encryption by default and that the Venmo API is easily scriptable and completely open. This is the second such attack, this time by a different researcher. If you use Venmo, go to Settings/Privacy and select private for your past and future transactions. Millions of Venmo transactions scraped in warning over privacy settings