At a glance.
- Kentucky's unemployment system exposed claimant information.
- Vermont tax returns exposed to unauthorized access.
- Blackbaud ransomware's effects continue to spread to its customers.
Kentucky's unemployment system sustains a data breach.
The US state of Kentucky (the Commonwealth of Kentucky, to pedantically give the state its official name) has sustained a data exposure incident. One claimant, according to the Louisville Courier-Journal, was inadvertently able to see another claimant's employer and healthcare information while navigating his own claim. Governor Bashear said in a press conference yesterday that no one's Social Security Number or similar identifying information had been exposed, and that "absolutely no one to our knowledge has been financially harmed whatsoever. And at this time we don't think that there is a threat to anybody's credit or financial information, at all." Critics are reluctant to accept the Governor's no-harm-no-foul summation, especially since the same thing happened in April and the state government said it had fixed the problem. So it may be another minor one off, but those who've filed for unemployment benefits unfortunately may have to add vigilance about identity theft and fraud to their concerns at a time when they've got troubles enough.
Vermont's Department of Taxation discloses data breach.
Another US state, Vermont, has disclosed that three years' of Property Transfer Tax returns were until recently vulnerable to exposure, BleepingComputer reports. In its disclosure, the Department of Taxation wrote, "Verification credentials for electronically filed property transfer tax returns available in public municipal records could be used to access previously submitted tax return information. The credentials could have been used to access private information including the social security number of the buyer of the property, and last four digits of the social security number of the seller of the property." The Department says it's disabled the functionality that could have given unauthorized parties access to the returns.
Blackbaud ransomware attack's effects continue to spread.
Academic and not-for-profit organizations in the UK, Ireland, Australia, Canada, New Zealand, and the United States continue to suffer the ripple effect of the ransomware attack on Blackbaud, a widely used provider of donor-management services, the Chronicle of Philanthropy notes. Blackbaud paid the requested ransom and believes that the criminals who hacked it won't release any data they've stolen.