Yesterday I updated a breach report on phiprivacy.net where a hospital employee had taken records home… and taken records home… and taken records home. According to hospital investigators, there was no indication that she used them criminally or intended to use them criminally, but the incident points out how many paper records may just “wander”…
Month: June 2011
Financial data stealing Malware now on Amazon Web Services Cloud
Dmitry Bestuzhev of Kaspersky writes: There were some recent comments about Amazon Cloud as a platform for successful attacks on Sony… Well, today I found that Amazon Web services (Cloud) now is being used to spread financial data stealers. The evidence indicates that the criminals behind the attack are from Brazil and they used several…
(update) Police and Hospital Workers Find, Remove More Boxes Of Stolen Medical Records
This case just gets more and more intriguing, and the medical center has disclosed a lot of information that I typically don’t see is initial press releases. Devetta Blount reports: Wake Forest Baptist Medical Center employees and police say they are still on the case of stolen medical records. Employees spent Saturday reviewing more records that…
MI: Big changes for medical marijuana users
According to a Michigan federal court judge on Friday, medical marijuana patients have no right to privacy. Federal Judge Hugh Brenneman Jr. ruled that Michigan medical marijuana patients have no right to privacy when it comes to a federal investigation involving marijuana. In short, medical marijuana patients should not expect the information they give to…
Pointer/reference: Chronology of recent Sony incidents
Great thanks to attrition.org for compiling a detailed chronology of recent Sony security incidents together to help us all.
Editorial: Let me make my own decisions, thankyouverymuch
The recent spate of hacks against Sony networks as well as a Congressional hearing where representatives of Sony and Epsilon testified about their recent breaches have stimulated another round of discussions about whether we need a federal breach disclosure law that preempts state laws, and if so, what the threshold or trigger should be for…