PrivacySignal
Breach

Washington Dept. of Social and Health Services announces massive data breach

DataBreaches.net · · International · Data Breaches

Washington's Department of Social and Health Services disclosed that a former employee accessed personal data belonging to roughly 8,600 people without authorization in March. The agency launched an internal investigation and is now notifying those whose information may have been compromised.

Why this matters: The people affected here are not random customers. They are people who turned to a government social services agency — often at a low point, often with no choice. That means the data is likely sensitive: health conditions, financial situations, family circumstances. The threat was not an outside hacker. It was someone already inside, with access. That is a harder problem to solve. It also means the agency had a responsibility to monitor what employees were doing with this data, and it apparently took months to surface. People who had no option but to share their information with this agency deserved better controls than that.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Breach
BleepingComputer · · International

Chinese hackers develop LONGLEASH malware to expand ORB network

Chinese hackers tracked as 'UAT-7810' are actively evolving their malware to expand their Operational Relay Box (ORB) network by compromising internet-facing networking devices, primarily unpatched Ruckus routers. [...]

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
HIPAA Journal · · US Federal

Calibrated Healthcare Settles Class Action Data Breach Lawsuit

Calibrated Healthcare has agreed to settle a class action lawsuit tied to a data breach that occurred in February, according to reporting in The HIPAA Journal. The settlement resolves claims brought collectively by individuals affected by the incident.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals

#breach#enforcement#healthcare Read original →
Breach
DataBreaches.net · · International

Bojangles sued again by workers over Russian hacker data breach. NC judge weighs in

Bojangles faces renewed class-action litigation from employees whose personal data was compromised in a 2024 breach attributed to the ransomware group Hunters International. A North Carolina judge is now weighing key legal questions around standing and negligence as the case moves through both state and federal courts.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance

#breach#enforcement Read original →