GDPR Services report 11 Private Data breaches
– Week 26, 2019 –
This is a curated list about last week’s latest news from by our GDPR Services. Be informed about the latest 11 Private Data breaches, identified and reported publicly during Week 26, 2019.
As these Private Data breaches have a severe negative impact on any business and highly serious legal consequences, consider a these GDPR Service packages: on-demand GDPR COMPLIANCE or a recurrent monthly service of GDPR COMPLIANCE ADD-ON together with your dedicated data protection OFFICER package.
- The Royal Brisbane and Women’s Hospital has defended its handling of a situation where over a thousand confidential patient records fell off the back of a truck, spilling them across a busy inner-city road.
- The incident happened last Thursday when a private contractor tasked with removing the documents for routine destruction spilled a number of boxes across Abbotsford Road at Bowen Hills. It was witnessed by members of the public and the hospital was notified shortly after, sending a number of staff to retrieve the documents. Private patient records fall off truck near Royal Brisbane and Women’s Hospital
- The University of Chicago Medical Center and Google were served with a lawsuit on June 26 that alleges the hospital violated HIPAA by sharing thousands of patients’ records with the technology giant without hiding date stamps or physicians’ notes
- Google partnered with the University of Chicago and its medical center in 2017. The goal was to unlock data within patient records and improve predictive analysis. Google has been exploring ways technology can be used to read EHRs and help physicians identify medical conditions. Google, University of Chicago hit with lawsuit over patient data sharing
- The MSP PCM was breached last month and hackers stole credentials for Office 365 client accounts.
- The SoCal firm is huge with thousands of customers. Apparently, the motive was to attempt gift card fraud. The Wipro breach had a similar pattern, but unclear if the two were related. Breach at Cloud Solution Provider PCM Inc.
- The health insurer Dominion National has had a data breach back in August 2010 that was only recently discovered.
- Data included SSNs and bank accounts. The company said it hasn’t seen any evidence that this data was accessed or misused and didn’t provide any explanation of why the breach took so long to discover. Insurer Dominion National Reports Server Hack That Began August 2010
- Nine staffers at the Oregon Department of Human Services were phished back in January.
- The upshot is that personal health data from more than 600,000 consumers might have been leaked, including Social Security numbers. Apparently, the reporting delay occurred because it took time to analyze millions of emails to determine the extent of the leak. On January 28, 2019, the Department of Human Services and the Department of Administrative Services Enterprise Security Office confirmed that sensitive information may have been accessed through targeted phishing.
Discover more trending and viral stories from our GDPR Service. The remaining Private Data breaches made news headlines. All these news related to GDPR Services happened just in the last week.
- Riviera Beach isn’t the only local municipality paying ransom to cyber hackers. The Village of Palm Springs said it too was hit by hackers.
- Palm Springs Village Manager Rich Reade said the cyber attack happened more than a year ago. According to Reade, malware called ‘Amnesia 3’ got into their system through a phishing email and locked them out of their files. Village of Palm Springs confirms cyber attack
- Fears that evidence may have been compromised after two day ransomware onslaught
- A criminal probe has been launched after a forensics firm widely used by police to help with investigations was targeted in a cyber attack. There are fears key evidence may have been compromised after Eurofins Scientific – which is used by forces across the UK – was hit by a two day ransomware onslaught at the start of June. Forensic firm used by police targeted in cyber attack
- An online forum focused on discussion of all things social engineering has been breached, with the details of tens of thousands of account holders compromised.
- The admin claimed they had been forced to move the platform over to XenForo, asking users to chip in to help pay for the migration. The breach itself happened on June 13, 2019 and compromised 89,392 accounts, according to information on HaveIBeenPwned. Social Engineering Forum Suffers Major Breach
- Researchers have discovered a chain of flaws in EA Games’ login process that could allow an attacker to take over the accounts of any or multiple EA gamers — and there are 300 million of these around the globe.
- Stolen gaming credentials are valuable and frequently sold on the internet. The flaws were discovered in EA’s Origin platform and worked into a proof of concept by Check Point Research and Cyberint researchers. EA Games Login Flaw Exposed Accounts of 300 Million Gamers
- Anonymous Belgium hacker sentenced to 18 months in prison for past cyber-crimes.
- In a bizarre investigation, Belgium police have identified a member of the Anonymous Belgium hacker collective while investigating an arson case at a local bank. The perpetrator, a 35-year-old man from the Belgian city of Roeselare, was initially arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, a suburb of Roeselare, back in 2014. Anonymous hacker exposed after dropping USB drive while throwing Molotov cocktail
- Cybercriminals have managed to infiltrate over a dozen mobile carriers around the world and gain complete control of their networks without their knowledge according to new research from Cybereason.
- Last year, the Cybereason Nocturnus team discovered an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. These bad actors still control the network today and have even built a VPN for their convenience. Cybercrooks built their own VPN to hack into global telcos