This story is going to be straight up, forward and simple. What not to do when a researcher like myself contacts you about a security incident. Every day all around the world researchers are being ignored by those who they attempt to help out. Recently another researcher discovered a open s3 bucket that belong to…
Month: October 2018
Google Exposed User Data, Feared Repercussions of Disclosing to Public
Douglas MacMillan and Robert McMillan report: Google exposed the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage, according to people briefed on the…
MedCall Advisors suffers second data leak in less than one month
A few weeks ago, DataBreaches.net reported on a leaky Amazon S3 bucket owned by MedCall Advisors in North Carolina. The leak, which exposed approximately 3,000 patients’ protected health information, was discovered by UpGuard, who published a number of redacted screenshots to document the leak. Their detailed report also noted how Randy Baker, the CEO of MedCall…
An OCR investigation illustrates the value of investigating small and medium-sized entities
One of the common themes in discussing security is that many organizations are not “mature” yet. And of course, as HIPAA recognizes in its security rule, smaller practices should not be expected to do everything you might expect a larger hospital system to do. But even small or medium-sized entities need to comply with the core…
Hackers Compromise 30,000 Routers in India – Cryptojacking Report
Solomon Sunny reports: …. Banbreach, an Indian-based security firm, has released a report showing an increased number of routers affected by cryptojacking software in India. In its post released on Thursday, Banbreach noted that the number of compromised routers is almost 30,000, double the number from last month. For cities with the highest prevalence of…
MD: 600 Anne Arundel County library computers affected by “Emotet” virus
Chase Cook reports: About 600 Anne Arundel County Library computers were exposed to a computer virus, prompting officials to take the computers out of service and ask customers to monitor personal information for fraudulent activity. It was announced Saturday that the computers were exposed to a virus called Emotet, which targets users through sophisticated email…