As a frequent traveler, both personally and professionally, this bit of research unnerved me. Of course, it makes sense when you think about it, and none of us should be surprised, but it is a good reminder for those of us who are on the road a lot. Security researchers at F-Secure in Finland report … Continue Reading
In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the health care industry, Symantec has reported that a new hacking group, dubbed “Orangeworm,” is carefully selecting its targets and strategy prior to launching an attack. According to Symantec, the hackers have … Continue Reading
Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker gained access to one of its employees’ email accounts through a phishing scheme. The incident illustrates how the manufacturing sector is continuing to … Continue Reading
Orbitz, the travel booking entity that is owned by Expedia, has confirmed that it has “identified and remediated a data security incident affecting a legacy travel booking platform.” This means that one of its older websites that are used by customers to book their travel plans was hacked. The statement says that Orbitz uncovered evidence earlier … Continue Reading
The recently released Protenus Healthcare Breach Barometer report notes that in January, 2018, at least 473,807 patient records were compromised in 37 breaches reported to the Office for Civil Rights. Twelve of the reported breaches were attributable to insiders, which was 32 percent of the data breaches reported in January. Seven of those incidents were … Continue Reading
Oklahoma State University Center for Health Sciences (OSUCHS) has notified 279,865 patients that their protected health information may have been compromised as a result of a hacking incident. OSUCHS has determined that an unauthorized individual gained access to its system housing Medicaid billing information on November 7, 2017, but it is unable to determine whether … Continue Reading
Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the number of hacking events targeted at health care entities involving ransomware increased a whopping 89% from 2016. The report analyzed the self-reporting database of the Office for Civil Rights (OCR) … Continue Reading
The Federal Bureau of Investigation (FBI) issued a warning to parents in the past about the concerns with connected toys. Many parents recently bought the newest gadgets for their kids over the holidays, without realizing the capabilities of these toys to collect, maintain, sell and use personal information. As I chat with people about the … Continue Reading
The latest report regarding Russia stealing U.S. cyber secrets is yet again centered around the National Security Agency (NSA), using Contractors to gain access, in some cases, to classified data. It has been reported that a NSA Contractor (fired back in 2015) put highly classified U.S. cyber secrets on his home computer, which included information … Continue Reading
The news about data breaches always seems to be dire lately. Some good news: data breaches in the healthcare industry were lower in October than in September, based upon reportable data breaches to the Office for Civil Rights (OCR). Note that only breaches involving more than 500 records have to be disclosed to the OCR … Continue Reading
On November 24, 2017, image-sharing website Imgur disclosed that email addresses and passwords of 1.7 million users were stolen in a 2014 hack on the company. Imgur became aware of the breach on November 23, 2017 when a security researcher alerted the company about the potential issue. The breach was confirmed on November 24th and … Continue Reading
A new study by Google, the University of California Berkeley and the International Computer Science Institute has concluded that email users are being threatened by massive credential theft and phishing schemes are the primary way hackers are stealing credentials. According to the study, phishing victims are 400 times more likely to have their email accounts … Continue Reading
Beazley has published a report outlining data breaches in the first nine months of 2017. The report notes that the highest cause of a data breach in 2017 so far are unintended disclosures, which accounted for 41 percent of all incidents. Beazley stated: “We urge organizations not to ignore this significant risk and to invest … Continue Reading
Security researchers at Check Point discovered software vulnerabilities in LG IoT devices which allowed them to potentially gain control over LG refrigerators, ovens, dishwashers and a live feed from a robot vacuum cleaner. A vulnerability in the mobil app and cloud app allowed them to remotely gain access to LG IoT devices with just an … Continue Reading
Unfortunately, September was another banner month for data breaches involving the health care industry. According to the Office for Civil Rights (OCR) website, 39 data breaches involving over 500 records were reported to the OCR in the month of September. This does not include all records breached, as health care entities have until February 2018 … Continue Reading
Fax machines are still used in the medical community, and these days, faxing may be more secure than emailing as hackers have not yet cracked the task of hacking into old fax machines. All kidding aside, fax machines have been, and continue to be a risk to organizations as they have the ability to store … Continue Reading
You drop your smartphone and now there are a million cracks and you can hardly read your texts. Getting the screen replaced by the manufacturer of the phone is usually expensive and sometimes it is so expensive that it makes more sense just to buy a new phone. But some will bypass the manufacturer and … Continue Reading
In the latest example of security risks attendant to initial coin offerings (ICOs), on August 21st the blockchain startup Enigma reported that online scammers used fake solicitations for an ICO presale to steal approximately $500,000 in ether (a virtual currency) from investors. Enigma is a blockchain startup incubated at MIT Media Lab that is in … Continue Reading
Cybersecurity for critical infrastructure continues to be of concern, including the transportation sector. A new study by ABI Research concludes that although the transportation sector continues to increase spending on cybersecurity year over year, the rapid digitization of airports, aircraft, trains, ships, and cars puts this sector at risk. The study mentions that poor cybersecurity … Continue Reading
On August 1, 2017, 32M, located in Wisconsin, is offering its employees the ability to have RFID chips implanted into their hands to make purchases at the company break rooms, open doors, use the copy machine and log on to their company computer. On top of that, the employer issued chip can store medical and … Continue Reading
We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet. The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present privacy … Continue Reading
A cyber-attack against–Bithumb–one of South Korea’s largest cryptocurrency exchanges and one of the five largest in the world—has reaped access to the data of 30,000 users and drained their accounts in the process. Bithumb is one of the biggest ethereum exchanges by volume in South Korea, representing more than 44 percent of trading in that … Continue Reading
Social networking app Wishbone, which is used primarily by teenage girls to vote on various teenage type quizzes, like favorite entertainers or fashion, has been hacked. The intruders have reportedly gained access to users’ (again, primarily female minors) names, unique email addresses and mobile telephone numbers. Not just a few, either. The data compromised included … Continue Reading
President Trump’s administration is asking Congress to grant the federal government power to track, hack and destroy any type of drone that is flying over domestic soil. The draft legislation includes new exception to laws governing surveillance, computer privacy and aircraft protection. This draft legislation stems from the government’s growing concern for the widespread use … Continue Reading
