Minuteman Senior Services (“MSS”) in Massachusetts notified the U.S. Department of Health and Human Services on January 27 that they experienced a breach affecting 500 patients. The “500” is simply a marker that indicates that the reporting entity knows they have to report a breach to HHS within 60 days of discovery but they do…
Author: Dissent
If you’re going to “attack” a public school district, learn what FERPA permits districts to make public anyway
An established forum user on Breached.vc uploaded what they claim is the [SPPS] Saint Paul Public Schools District Directory for free download. In describing what they refer to as an attack on February 13 to February 14 leading to a data breach, they write: Reasons for leak: Insecuring their Google Directory; Not Forcing stronger passwords…
Arizona Priority Care and AZPC Clinics notify 10,978 patients of malware attack
Arizona Health Advantage, Inc. d/b/a Arizona Priority Care and AZPC Clinics, LLC (“APC”) are healthcare providers and business associates. On February 1, they notified HHS of an incident that affected 10,978 patients. As a business associate, their report to HHS was filed on behalf of Alignment Health Plan of Arizona, Inc. and Alignment Health Insurance…
Hackers take down Bahrain airport website
Al Arabiya English with the Associated Press reports: Hackers said they had taken down the website of Bahrain’s international airport on Tuesday which was unavailable until at least 1:45 p.m. GST. It briefly came back online and was down again shortly after. A statement posted online by a group calling itself al-Toufan, or “The Flood”…
New Picus Red Report warns of “Swiss Army knife” malware
The versatility of the latest malware is demonstrated by the fact that a third of the total sample analyzed by Picus Labs is capable of exhibiting more than 20 individual Tactics, Techniques, and Procedures (TTPs). San Francisco, US, 14th February 2023– Picus Security, the pioneer of Breach and Attack Simulation (BAS), has released The Red Report 2023, an in-depth analysis…
Community Health Systems estimates 1 million patients impacted by vendor’s GoAnywhere breach
Sometimes our first report of a data breach comes in an 8-K filing to the Securities and Exchange Commission. Such is the case with a breach affecting Community Health Systems, Inc. in Tennessee. In its 8-k filing of February 13, CHS discloses that they were recently notified by Fortra, LLC, a third party vendor of…