California utility PG&E named as U.S. energy company that left 30,000 records about its information security assets exposed online for 70 days in violation of energy sector cybersecurity regulations. The company had previously admitted to unintentionally exposing sensitive data in 2016, although it initially claimed that a publicly exposed database contained fake data. A freedom of information act request filed by a nonprofit group that focuses on critical infrastructure protection confirmed the utility that reached the settlement agreement, the Wall Street Journal reported Friday. The utility reached the agreement over two violations of the Critical Infrastructure Protection NERC Reliability Standards.”]
Source: https://www.cuinfosecurity.com/breach-reveal-pge-exposed-30000-sensitive-records-a-11429