U.S.

New York State School District Audits Released in June

New York State Comptroller DiNapoli released more school district audits in June. As always, some of the audits do not reveal all the concerns or recommendations. Some concerns or recommendations are shared with districts confidentially for security reasons. Here are summaries of audits of school districts released in June that relate to school district...

FTC Finalizes Action Against CafePress for Covering Up Data Breach, Lax Security

CafePress Must Bolster Data Security Protections, Pay Half a Million Dollars The Federal Trade Commission finalized an order against CafePress over allegations that it failed to secure consumers’ sensitive personal data including Social Security numbers and covered up a major data breach. The Commission’s order requires the company to bolster its data security and requires its...

Maryland Amends Data Security and Breach Notice Obligations

Julia K. Kadish, Kari M. Rollins, and Liisa M. Thomas of Sheppard, Mullin, Richter & Hampton LLP write: Maryland recently passed two companion bills amending the state’s Personal Information Protection Act. The bills modify the data breach notification requirements and scope of businesses subject to the data security requirements. The key changes are summarized below, and...

Brooks County pays off hacker with tax dollars after ransomware attack

Andrew Christiansen reports: A recent ransomware attack on Brooks County’s Justice of the Peace and district courts, and finance department, cost it more than $37,000. “I’m very unhappy because of that,” said resident Mario Villarreal. “It’s scary — of course it is — for everybody.” Brooks County Judge Eric Ramos said the attack took...

Grand Valley State University hit by ransomware but remains publicly silent

According to its website, Grand Valley State University (GVSU) in Michigan currently has 19,239 undergraduate students and 3,027 graduate students. The university offers 141 undergraduate and graduate degrees and employs 1,760 faculty members and 2,050 support staff members. Almost all of their students get some kind of financial aid.  Those are some commendable statistics....

Flagstar Bank discloses data breach impacting 1.5 million customers

Bill Toulas reports: Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack. Flagstar is a Michigan-based financial services provider and one of the largest banks in the United States, having total assets of over $30 billion. Read more at Bleeping Computer.  

Ex-Amazon Cloud Worker Convicted of Capital One Hack

Robert Burnson reports: A former Amazon Web Services worker was convicted of hacking into the company’s cloud servers to steal customer data and computer power that she used to mine cryptocurrency. Following a week-long trial in Seattle, Paige A. Thompson, 36, was found guilty of seven federal crimes, including wire fraud, which carries a prison...