David Bisson reports: Digital attackers targeted the computer servers of a golfers’ association with ransomware and encrypted files stored on those assets. Staff at the Professional Golfers’ Association of America (PGA) discovered the attack on 7 August. When they attempted to access certain work files that morning, those documents generated a ransom note informing them…
Month: August 2018
Protenus 2018 Q2 Report: 3.14M Patient Records Breached As Patients Are Increasingly Anxious About Health Data Security
As regular readers know by now, DataBreaches.net compiles data from health data breaches in the U.S. for Protenus, Inc. For the past few years, Protenus published monthly statistics and analyses, but this year, shifted to a quarterly report with more analyses and some fascinating proprietary data. Here’s an example of what you’ll find in their…
Samsung Galaxy S7 smartphones vulnerable to Meltdown hacking: researchers
Jack Stubbs reports: Samsung’s Galaxy S7 smartphones contain a microchip security flaw, uncovered earlier this year, that has put tens of millions of devices at risk to hackers looking to spy on their users, researchers told Reuters. The Galaxy S7 and other smartphones made by Samsung Electronics Co Ltd (005930.KS) were previously thought to be…
Unixiz Agrees to Shutter “i-Dressup” Site and Pay Penalty to Settle Charges Under COPPA and the New Jersey Consumer Fraud Act
From Hunton Andrews Kurth: On August 3, 2018, California-based Unixiz Inc.(“Unixiz”) agreed to shut downits “i-Dressup” website pursuant to a consent order with the New Jersey Attorney General, which the company entered into to settle charges that it violated the Children’s Online Privacy Protection Act (“COPPA”) and the New Jersey Consumer Fraud Act. The consent orderalso…
Telemedicine company exposed data of more than 2 millions patients in Mexico
Another day, another exposed database due to misconfiguration of a MongoDB installation. Bob Diachenko found it and reports on it: On August 3rd, I have discovered that personal information of 2,373,764 patients from Mexico is publicly available through a misconfigured MongoDB instance. Data included such fields as: Full name and gender; CURP number (i.e. Personal…
St. Mary’s Hospital Campus in Jefferson City notifies 301,000 of limited PHI left behind in a 2014 move
And this is why I always wait to close out monthly stats in healthcare. The following incident just showed up on HHS’s public breach tool today as having been reported to them on July 30, and affecting 301,000 patients. St. Mary’s Hospital’s notice, below, indicates that the entity was not sure of the number affected. …