From OCR, this alert: It has come to OCR’s attention that an individual posing as an OCR Investigator has contacted HIPAA covered entities in an attempt to obtain protected health information (PHI). The individual identifies themselves on the telephone as an OCR investigator, but does not provide an OCR complaint transaction number or any other…
Month: April 2020
Prosecutors Charge Two Men over Coincheck Hack, But Not For Hacking
Tim Alper reports: Tokyo prosecutors have formally charged two men with handling stolen cryptoassets as part of the investigation into the January 2018 hack on crypto exchange Coincheck – still the biggest crypto heist in human history. Per media outlet Nikkei, the two men, an Osaka-based 39-year-old and a doctor, aged 30, from Obihiro, Hokkaido, under the terms of…
Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
Microsoft is doing its bit to help hospitals and care facilities to protect themselves from human-operated ransomware attacks. In a blog post published today, they write, in part: While a wide range of adversaries have been known to exploit vulnerabilities in network devices, more and more human-operated ransomware campaigns are seeing the opportunity and are jumping on…
Ex-NSA hacker drops new zero-day doom for Zoom
Zack Whittaker reports: Zoom’s troubled year just got worse. Now that a large portion of the world is working from home to ride out the coronavirus pandemic, Zoom’s popularity has rocketed, but also has led to an increased focus on the company’s security practices and privacy promises. Hot on the heels of two security researchers finding a Zoom…
MT: DPC launches investigation after over 330,000 voters’ personal data leaked in security breach
Matthew Vella reports: The data protection commissioner will be launching an investigation after a massive security vulnerability – in a database containing information on 337,384 voters from Malta that was being held by a Maltese IT company – led it to be exposed without security. The data includes ID numbers, names, addresses, gender, phone numbers…
UK: Morrisons not liable for 2014 data breach, says Supreme Court
Alex Scroxton reports: Supermarket chain Morrisons has succeeded in its appeal to the Supreme Court against judgments that held it liable for an insider data breach caused by a disgruntled employee. In its unanimous judgment, the Supreme Court said previous judgments had fundamentally misunderstood the principles governing vicarious liability in a number of ways, most notably because…