Tag Archives: hacked

2.6 Million Atrium Health Patient Records Compromised by Vendor AccuDoc

Atrium Health and its vendor, AccuDoc Solutions, released a joint announcement this week that AccuDoc’s database of 2.6 million billing records of Atrium Health’s patients has been compromised by a hacking incident. The information contained in the database included patient names, addresses, dates of birth, health insurance information, account balances, dates of service and some … Continue Reading

Phishing Attack Causes Breach at Southwest Washington Regional Surgery Center

Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. As previously reported, the largest breach of health care information was recently settled by Anthem, which involved almost 80 million individuals’ information, all caused by a phishing email sent to one individual at Anthem [view … Continue Reading

Hackers Tamper with Trademark Applications and Registrations in USPTO System

The U.S. Patent and Trademark Office (USPTO) announced last week that it has discovered that unauthorized users have attempted to hack into its online trademark system to attempt to make unauthorized changes to active trademark applications and registrations. They have also tried to register marks owned by others on third-party brand registries. According to USPTO, … Continue Reading

Office 365 Migration

Many companies are migrating their email systems to Microsoft Office 365 (O365). The majority of security incidents in which we have been engaged in over the past six months involve a hacker successfully phishing an employee of the company (most of the time someone who is an executive in the company) and then spoofing the … Continue Reading

Facebook Acknowledges Breach of Sensitive Data for Nearly 30 Million Users

As we previously noted, Facebook originally announced a breach late last month, in which hackers took advantage of a code vulnerability in the website’s “View As” feature, to access user’s data. However, on October 12, 2018, Facebook stepped back the number of affected accounts from 50 to roughly 30 million, and it acknowledged that hackers … Continue Reading

Privacy Tip #159 – Consider Risks When Using Facebook and Other Social Media Platforms

Facebook announced late last week that it had suffered the largest breach in its history with 50 million accounts were compromised, and another 40 million accounts affected. Yes, that equals 90 million accounts. If you use Facebook and were locked out of your account over the weekend, your account was most likely affected. The 50 … Continue Reading

California Tackles IoT Security with New Bill

The State of California is once again leading the way with trying to keep up with technology and protecting consumers. Senate Bill 327 requires Internet of Things (IoT) developers to implement “reasonable security features” in IoT products, such as baby monitors, televisions, automobiles, home appliances, fitness monitors, home security systems, and the like. This is … Continue Reading

Uber Settles Data Breach Case With All 50 State AGs for $148 Million

Yesterday (September 26, 2018), Uber Technologies Inc. agreed to finish inquiries of all 50 states of its 2016 data breach by paying $148 million in different amounts to all 50 states and the District of Columbia. The settlement concludes the investigations into the data breach, which occurred in 2016 when hackers absconded with the personal … Continue Reading

July Worst Month in 2018 for Health Care Data Breaches Reported to OCR

Data breaches continue to plague the health care industry, and July 2018 was the worst month so far this year in the number of data breaches reported to the Office for Civil Rights (OCR). Thirty-three data breaches were reported by covered entities and business associates in July, with the largest one reported by UnityPoint Health, … Continue Reading

Millions of Sensitive Records Leaked by Another Spyware Maker

We reported last week that a spyware maker compromised users’ and victims’ sensitive information [view related post]. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its product to “spy” on their partners and children, has reportedly leaked the passwords, call logs, text messages, location data, … Continue Reading

Spyware Company Hacked

It has been reported that a hacker was able to break into the servers of TheTruthSpy, a company that is described as “one of the most notorious stalkerware companies out there”  (Motherboard, August 2018) and was able to steal logins, audio recordings, text messages, and pictures of victims. Motherboard has issued a series of stories that … Continue Reading

Botnet Necurs Turns Its Focus On Banks

Just days after the FBI issued a private warning to the banking industry (read more here), the botnet network known as Necurs began a spamming campaign that targeted the banking industry. The activity was discovered by the security research firm Cofense. According to Cofense, the Necurs network started a concentrated spear phishing campaign against approximately … Continue Reading

Russian Hackers Successfully Phished Hundreds of U.S. Companies Last Year

The Department of Homeland Security (DHS) has indicated that Russian hackers successfully attacked the energy, nuclear, aviation and critical manufacturing sectors through targeted phishing campaigns throughout 2017. According to DHS, the coordinated attacks started in 2016 with one compromise that was dormant for a year until other infiltrations occurred. The hackers targeted real people by … Continue Reading

Virginia Bank, Hacked Twice with Phishing Schemes, Losing $2.4 Million

In a lawsuit against its insurance company requesting reimbursement for close to $2.4 million from two different hacking incidents, National Bank of Blacksburg detailed the intrusions, which are instructive of a sophisticated scheme against the financial services industry. According to the lawsuit, the first theft took place on Memorial Day weekend of 2016. In that … Continue Reading

“Orangeworm” Targeting Health Care Industry

In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the health care industry, Symantec has reported that a new hacking group, dubbed “Orangeworm,” is carefully selecting its targets and strategy prior to launching an attack. According to Symantec, the hackers have … Continue Reading

Manufacturing Sector Getting Hit with Cyber-Attacks: Portable Oxygen Device Manufacturer Notifies 30,000 Patients of Breach

Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker gained access to one of its employees’ email accounts through a phishing scheme. The incident illustrates how the manufacturing sector is continuing to … Continue Reading

Orbitz Confirms Breach of Travel Records and Credit Card Information of 880,000 Individuals

Orbitz, the travel booking entity that is owned by Expedia, has confirmed that it has “identified and remediated a data security incident affecting a legacy travel booking platform.” This means that one of its older websites that are used by customers to book their travel plans was hacked. The statement says that Orbitz uncovered evidence earlier … Continue Reading

473,807 Patient Records Compromised in January, 2018—83 Percent Caused by Hacking Incidents

The recently released Protenus Healthcare Breach Barometer report notes that in January, 2018, at least 473,807 patient records were compromised in 37 breaches reported to the Office for Civil Rights. Twelve of the reported breaches were attributable to insiders, which was 32 percent of the data breaches reported in January. Seven of those incidents were … Continue Reading
LexBlog