Tag Archives: Hackers

Jackson County, Georgia Pays Hackers $400,000 After Ransomware Attack

Cities and towns continue to be a profitable target for successful ransomware attacks. As we previously reported [view related posts], the list of cities and towns getting hit with ransomware attacks continues to grow. Last week, Jackson County, Georgia admitted that it paid hackers $400,000 to obtain access to its information that was locked down … Continue Reading

Community Health System Agrees to Settlement of $4.5 Million for 2014 Data Breach

Community Health System, located in Tennessee, has agreed to settle claims made against it arising from a 2014 data breach for $4.5 million. The data breach, believed to be caused by Chinese hackers, compromised the names, dates of birth, addresses, telephone numbers, and Social Security numbers of 4.5 million patients of the hospital system, which … Continue Reading

Patch, Patch, Patch Those Vulnerabilities

The bane of data security is the patch. The patch is what your IT guys are doing in the background to fix vulnerabilities in software that are known to the manufacturers, and to attempt to fix the vulnerability before hackers can exploit it. Patching is a very important part of a security plan, but the … Continue Reading

Phishing Attack Causes Breach at Southwest Washington Regional Surgery Center

Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. As previously reported, the largest breach of health care information was recently settled by Anthem, which involved almost 80 million individuals’ information, all caused by a phishing email sent to one individual at Anthem [view … Continue Reading

Hackers Tamper with Trademark Applications and Registrations in USPTO System

The U.S. Patent and Trademark Office (USPTO) announced last week that it has discovered that unauthorized users have attempted to hack into its online trademark system to attempt to make unauthorized changes to active trademark applications and registrations. They have also tried to register marks owned by others on third-party brand registries. According to USPTO, … Continue Reading

Facebook Acknowledges Breach of Sensitive Data for Nearly 30 Million Users

As we previously noted, Facebook originally announced a breach late last month, in which hackers took advantage of a code vulnerability in the website’s “View As” feature, to access user’s data. However, on October 12, 2018, Facebook stepped back the number of affected accounts from 50 to roughly 30 million, and it acknowledged that hackers … Continue Reading

Botnet Necurs Turns Its Focus On Banks

Just days after the FBI issued a private warning to the banking industry (read more here), the botnet network known as Necurs began a spamming campaign that targeted the banking industry. The activity was discovered by the security research firm Cofense. According to Cofense, the Necurs network started a concentrated spear phishing campaign against approximately … Continue Reading

Russian Hackers Successfully Phished Hundreds of U.S. Companies Last Year

The Department of Homeland Security (DHS) has indicated that Russian hackers successfully attacked the energy, nuclear, aviation and critical manufacturing sectors through targeted phishing campaigns throughout 2017. According to DHS, the coordinated attacks started in 2016 with one compromise that was dormant for a year until other infiltrations occurred. The hackers targeted real people by … Continue Reading

SEC Updates Guidance on Public Companies’ Disclosure of Cyber-Attacks

The U.S. Securities and Exchange Commission (SEC) updated guidance to public companies this week on how and when they are to disclose cybersecurity risks and breaches. The SEC suggests that public companies should disclose potential weaknesses that have not been targeted by hackers. There has always been a tension between the SEC and public companies … Continue Reading

Aviation and Petrochemical Industries Subject to Hacking by Iran

Hackers working on behalf of the Iranian government have been targeting the aviation and petrochemical industries in the United States, Saudi Arabia, and South Korea since 2013, according to a report released by FireEye last week. According to the report, APT33, a hacking group working for the Iranian government, have sent phishing emails to aviation … Continue Reading

Security Vulnerabilities Identified in Wireless Syringe Infusion Pumps

The U.S. Department of Homeland Security (DHS) recently issued a warning that Smiths Medical Medfusion 4000 wireless syringe infusion pumps contain a security vulnerability that can be exploited by hackers to alter the performance of the medical devices. The devices are used to infuse small doses of medication to patients and are used in acute … Continue Reading

To Travel With My Laptop …or Not!

Tricky decision to make if you are among the millions that travel for work…. how safe is it? Will the new “laptop travel ban” affect me? What airports am I connecting through that are of concern?  Is public Wi-Fi secure? Did that person just look over my shoulder (a.k.a. Shoulder Surfing) while I was opening … Continue Reading

New Mexico Enacts Data Breach Notification Law

Governor Susana Martinez recently signed into law the New Mexico “Data Breach Notification Act” (the Act), making New Mexico the 48th state (plus Puerto Rico and the District of Columbia) to adopt legislation mandating the provision of notice in the event of a data breach. The Act – which takes effect June 16, 2017 – … Continue Reading

Eight Thousand Clients Affected by Data Breach at Two Massachusetts Accounting Firms

Two Massachusetts accounting firms separately recently notified the Office of the Massachusetts Attorney General and the Office of Consumer Affairs and Business Regulation of data breach incidents at their firms, resulting in the unauthorized access of their respective clients’ names, addresses and Social Security numbers. The first accounting firm, King McNamara Moriarty LLP (KMM) discovered … Continue Reading

IRS to Notify 100,000 Taxpayers That Their Information May Have Been Obtained Through Misuse of FAFSA Retrieval Tool

On Thursday, Internal Revenue Service (“IRS”) Commissioner John Koskinen testified that the personal data of up to a 100,000 taxpayers could have been compromised as a result of criminal use of the Free Application for Federal Student Aid Data Retrieval Tool (“DRT”). Last week, we posted that the IRS disabled the tool after it suspected … Continue Reading

Yahoo Breaches Cost Shareholders $350 Million From Lowered Purchase Price, CEO Forfeits $14 Million in Compensation

Yahoo’s troubles for failing to timely disclose security breaches provides rare insight into quantifying the financial and other costs to a company’s shareholders and leadership when a security breach occurs and is mishandled. In 2014, more than a billion Yahoo accounts were hacked. Then in 2015 and 2016, more than 500,000 Yahoo user accounts were … Continue Reading
LexBlog