National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over 700 veterinary hospitals and clinics in the U.S., Canada, Australia, and New Zealand. NVA was reportedly hit with the Ryuk ransomware virus, … Continue Reading
The Centers for Medicare and Medicaid (CMS) has announced that approximately 220,000 Medicare beneficiaries’ card numbers have been compromised “by an unknown person or organization.” That means CMS doesn’t know who or how the cards were compromised. Although CMS says it is working to “remedy the situation,” in the meantime, it is checking billing systems … Continue Reading
It has been reported by Troy Hunt, the security researcher who provides the “Have I Been Pwned” free breach notification service, that 1.4 million passwords and personal information of customers of GateHub, a cryptocurrency wallet service provider, and 800,000 customers of EpicBot gaming bot provider RuneScape are for sale on the web. According to Hunt, … Continue Reading
Security researchers Intezer and IBM X-Force have identified a new ransomware that is seriously vicious. It’s PureLocker—named because it is programmed in PureBasic language, which is apparently unusual. The scary thing about this ransomware being written in PureBasic programming language is that it can target different platforms and is transferable between different operating systems, including … Continue Reading
Cyberliability insurance provider Beazley Insurance Company has analyzed its internal breach response data and determined that in its experience, there has been a thirty-seven percent (37%) increase in ransomware attacks this most recent quarter from the last quarter of 2019. Twenty-five percent (25%) of those incidents were against managed service providers (MSPs). An MSP assists … Continue Reading
CyberX recently released its 2020 Global IoT/ICS Risk Report (Report), which compiles survey questions and answers from 1,821 production networks of electric utilities, and oil and gas companies. Although the Report admitted that oil and gas companies and electric utilities tend to be ahead of the curve on cybersecurity compared to other sectors, they are … Continue Reading
On October 13, 2019, TrialWorks, a legal case management software platform, announced to its customers, that it was experiencing a hosting outage at its data center and would provide updates as more was learned about the situation. The update issued the next day admitted that TrialWorks was in the midst of a ransomware attack. It … Continue Reading
U.S. Senator Ron Wyden, D-Oregon, recently introduced comprehensive privacy legislation, known as the “Mind Your Own Business Act” (MYOB Act), to provide protections for the private data of Americans and to hold corporate executives accountable if they abuse such information. While this isn’t the first such legislation introduced in Congress and is unlikely to be the … Continue Reading
Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities in order to listen to users’ every word to obtain sensitive information that can be used in future attacks. Last week, it was reported by ZDNet that two security … Continue Reading
A reporter from the Philadelphia Inquirer discovered that sensitive data of hepatitis patients were accessible online through a Philadelphia Department of Public Health (DPH) website tool without the need for a password. The Inquirer was able to access the data of some 23,000 patients who had contracted Hepatitis C. The vulnerable data included the patient’s … Continue Reading
A recent Ponemon Institute study finds that small and mid-sized businesses continue to be targeted by cybercriminals, and are struggling to direct an appropriate amount of resources to combat the attacks. The Ponemon study finds that 76 percent of the 592 companies surveyed had experienced a cyber-attack in the previous year, up from 70 percent … Continue Reading
The Federal Bureau of Investigations Internet Crime Complaint Center (IC3) recently issued a public service announcement warning private companies about the increasing numbers of ransomware attacks affecting private industry. According to the warning, “Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organizations, industrial … Continue Reading
On the heels of an FDA committee report concerning cybersecurity issues with medical devices [view related post] the U.S. Food and Drug Administration (FDA) issued an alert regarding cybersecurity vulnerabilities, referred to as “URGENT/11,” that could introduce risks for some medical devices and hospital networks. According to the FDA’s October 1st notice, the URGENT/11 vulnerabilities … Continue Reading
Consistent with our experience, security firm McAfee has confirmed in a report that ransomware attacks have doubled in 2019. Medical providers have been hit hard this year, and one provider, Wood Ranch Medical, located in California, is permanently closing following a ransomware attack. Wood Ranch was hit with a ransomware attack over the summer, and … Continue Reading
The United States Government Accounting Office (GAO) recently issued a report on the cybersecurity risks facing the electric grid. The GAO reviewed the cybersecurity of the electric grid to determine the risks and challenges facing the grid, to describe federal efforts to address those risks, to assess the extent to which the Department of Energy … Continue Reading
Many cities in the United States utilize a self-pay portal for residents to pay bills online, known as Click2Gov. Click2Gov was compromised in 2017 and 2018, when hackers were able to access over 300,000 payment cards and reportedly made more than $2 million in the heist. It is being reported this week by security researchers … Continue Reading
The Patient Engagement Advisory Committee (Committee) to the Food and Drug Association (FDA) met recently to discuss cybersecurity in medical devices. Medical devices are increasingly connected to the internet, hospital networks, and other medical devices to provide features designed to improve healthcare and increase providers’ ability to treat patients. However, as medical devices become more … Continue Reading
The Ecuadorian Ministry of Telecommunications and Information Security has announced an investigation into data analytics company Novaestrat after news broke this week that the company left an Elasticsearch server open without any password protection, allowing open access to the data. According to officials, Novaestrat was not supposed to have the data in the first place. … Continue Reading
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to reports, the cyber criminals behind the recent ransomware attack were holding teacher lesson plans hostage. The … Continue Reading
July 2019 was the worst month in history for health care data breaches, with a total of 50 breaches that affected more than 500 records reported to the Office for Civil Rights (OCR), according to HIPAA Journal. Those 50 reportable data breaches exposed more than 35 million individuals’ health care records. HIPAA Journal opines that … Continue Reading
It’s a busy time for colleges and universities as the fall semester starts and campuses are bustling with activity. It’s also the perfect time for cyber criminals to create mayhem for institutions of higher education with a cyber-attack. That is exactly what happened to Regis University in Denver, Colorado. The university had to shut down … Continue Reading
Although the number of security vulnerabilities reported in the first half of 2019 have dropped a bit from last year, a new report by Risk Based Security states that 34 percent of the 11,092 vulnerabilities identified have not been patched to date. The key findings of the report include the following: Web-related vulnerabilities accounted for … Continue Reading
We have definitely seen an uptick in the number of ransomware attacks against municipalities around the country. Thus far, the attacks have been against single cities, towns, and court systems, and recently against a Louisiana school system. The pace and coordination of these attacks have magnified, as evidenced by the coordinated and simultaneous ransomware attacks this … Continue Reading
It was reported this week by The Guardian and Forbes that security researchers from Vpnmentor have discovered and published a report that Suprema, a company that collects and monitors biometric information such as fingerprints and facial recognition data, has left exposed the biometric information of 28 million records and 23 gigabytes of data insecure. Suprema … Continue Reading
