Connecticut Department of Social Services (DSS) sent a notification about a potential breach of the protected health information (PHI) of 37,000 persons due to several phishing attacks that happened from July to December 2019. Several email accounts were compromised and were employed to mail spam emails to a number of DSS employees. The investigation of …
The HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) has released a recent advisory on ransomware activity that targets the healthcare and public health industries. In late October, the HHS, Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) issued a joint advisory about an upcoming increase in …
ASPR Gives Update on Ransomware Activities in the Healthcare Sector Read More »
Server Breach Impacts Patients of Northwest Eye Surgeons and Sight Partners Northwest Eye Surgeons LLC and Sight Partners LLC began informing 20,838 patients regarding the unauthorized access of some of their protected health information (PHI) stored on a server. OnMay 1, 2020, the breach was discovered and the providers investigated the breach immediately to know …
The City of New Haven, Connecticut has made the decision to resolve its HIPAA violation case with the Department of Health and Human Services’ Office for Civil Rights by paying off $202,400 as a financial penalty. OCR started an investigation in May 2017 right after getting New Haven’s data breach notice on January 24, 2017. …
MITRE Corporation created a new rubric for determining Common Vulnerability Scoring System (CVSS) scores of medical device vulnerabilities and it has passed the FDA’s scrutiny. The CVSS was created for setting scores for vulnerabilities in IT systems based on their severity, and although the system works well for a lot of IT systems, it is …
FDA Okays Tool for Determining Medical Device Vulnerability Scores Read More »
Comparitech security researcher Bob Diachenko has found an open group of databases that belong to the Voice over IP (VoIP) telecommunications merchant Broadvoice. The records of more than 350 million clients are stored in the databases. The compromised Elasticsearch cluster was identified on October 1, 2020, when the Shodan.io search engine indexed the database cluster. …
Exposed Broadvoice Databases Contained 350 Million Records, Including Health Information Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory about sophisticated advanced persistent threat groups sequencing exploits for various vulnerabilities in cyberattacks focused at federal and state, local, tribal, and territorial (SLTT) government networks, election support systems and critical infrastructure. Although there were thriving attacks on …
Subsequent to a time period of dormancy between February 2020 and July 2020, the Emotet botnet jumped back again and began spam runs circulating the Emotet Trojan. As of August 2020, cyberattacks on local and state governments have heightened, forcing the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) to announce a cybersecurity …
CISA Publishes Advisory Due to Greater Emotet Malware Attacks Read More »
Universal Health Services (UHS) based in King of Prussia, PA has encountered a major security breach that led to the unavailability of its IT systems. The health system has over 400 healthcare facilities all over the US and the UK. The Fortune 500 healthcare service provider has above 90,000 personnel and serves approximately 3.5 million …
The U.S. Department of Justice issued an advisory that an associate of the well known hacking group, The Dark Overlord, obtained his sentence to 5 years imprisonment and has been required to pay off $1.4 million in indemnification. The Dark Overlord started off targeting U.S. companies in 2016. The hackers obtained access to the computer …
A Dark Overlord Hacking Group Member Sentenced to 5 Years Imprisonment Read More »
