It’s a great pleasure to finish the year with the last list of data breaches and cyber attacks of 2017. This year has certainly been an eye-opener for me in regards to just how poorly organisations can handle data.
Four years have passed since I started compiling these monthly lists, and while there have been many developments in data protection and privacy in that time, nothing has introduced such significant change as the EU GDPR.
I close 2017 with the hope that the introduction of the EU GDPR will encourage organisations to better protect the data they hold, and to give it the respect it requires.
Data protection is more than just protecting data from the unauthorised: it’s about ensuring it’s used for the sole purpose it was collected, and respecting the privacy of those whose data it is.
Privacy is not something that we’re merely entitled to, it’s an absolute right.
Cyber attack and ransomware
Attackers claim to have hacked MEDHOST
FBI investigates cyberterrorist attack on Stanislaus County network
Proctor schools hit by ransomware attack
Top Security Firm Admits to MitM Security Incident
Jerome School District falls victim to ransomware
National Capital Poison Center discloses ransomware incident
After computer hack, Nashotah pays $2K ransom for residents’ personal information
Mad River Twp. Fire and EMS data hacked, encrypted with ransomware
Mecklenburg Co. leaders release ransom email from hackers
Former Sysadmin Caught Hacking His Ex-Employer by His Replacement
Data breach
Nissan Canada data breach may have exposed 1.1M finance customers’ information
MidMichigan notifies patients of potential breach
Chilton Medical Center hard drive containing protected health information was sold online
NYU Langone Health Notifies Patients of Improperly Disposed Binder Containing Patient Information
Home Economics: How Life in 123 Million American Households Was Exposed Online
Former hotel clerk arrested for profiting from guests’ info
Lincoln Nonprofit’s Laptop Containing Vital Information Stolen in Car Break-In
LSU issues notifications regarding stolen laptop
Austin Manual Therapy notifies 1,750 patients of data breach
Hackers may have stolen the personal data of 80,000 people associated with Osaka University
eBay Privacy Breach Exposes Customer Names on Google
Cape students affected by data breach
Clarion U. students notified after employees fall for phishing attack
Glens Falls Hospital workers’ Social Security numbers released in internal email
24,000 UNC Health Care patients affected by potential security breach
Sinai Health System announces data breach but says risk to patients low
oBike reviewing app security after international user data leak
Henry Ford Health System Warns 18,470 Patients Of Data Breach
Real Time Health Quotes leak affected health insurance applicants
July Systems data leak: Massive trove of sensitive information exposed online via unsecured database
Baptist Health Louisville notifies 880 patients after phishing incident
A popular virtual keyboard app leaks 31 million users’ personal data
Former employee reportedly steals mental health data on 28,434 Bexar County patients
Data security breach at Rutgers leaves the information of 1,700 students unprotected
Financial information
Text alert: the ‘bank’ message that cost a student £5,400 of her loan money
Basic training in avoiding phishing is no longer sufficient
PayPal Admits Acquired Company Suffered Major Breach
‘Cyber heist’: 600 bank accounts hacked for Rs 10million
Other
U.S. claims North Korea was responsible for WannaCry
Fighting back against cyber crime
Romania arrests five suspected members of major ransomware gang
Former nurse sentenced for cyber stalking campaign
Chicago Man Charged With Hacking Company’s Servers After Termination
Hacker got details of 165,000 people from sites including Uber and Groupon
Happy New Year Lewis,
Are you planning on doing the year in review for 2017. I would like to the yearly totals or just January and April I think was missing from your posts.