News10 reports an update on the cyberattack that hit Albany schools in New York earlier this month: Students, faculty, and staff in the City School District of Albany who use Chromebooks to access the internet had their services restored on Monday. District systems and resources are still unavailable, though, for anyone using desktops or laptops,…
Author: Dissent
To Detail or Not: The Breach Notification Conundrum
Matt Fisher has a post on a topic near and dear to DataBreaches’ heart: how much detail to include in a brief notification. Matt covers the minimum requirements, as mandated by HIPAA, but then starts to consider more complex situations. He writes, in part: Without being able to cover every scenario or nuance, there are…
Lake Charles Memorial Health system victim of cyberattack and data leak by Hive
On October 25, Lake Charles Memorial Health System (LCMH) in Louisiana received an email that began, “Ladies and gentlemen! Attention, please! This is Hive Ransomware Team.” The remainder of the email stated that Hive had been in LCMH’s network for 12 days and had exfiltrated 270 GB of files including patient and employee data. A…
Medibank defends decision to not pay hackers ransom for stolen data as it contacts 480,000 customers
Nassim Khadem and Daniel Ziffer report: Medibank’s boss says the company will begin directly communicating with nearly half a million customers whose health data is believed to have been stolen, weeks after it first became aware hackers had breached its customer database. Medibank’s chief executive David Koczkar said the company had today started communicating with…
Worok hackers hide new malware in PNGs, while ARCrypter ransomware expands reach from Latam to world
Two reports related to malware: Bill Toulas reports: A threat group tracked as ‘Worok’ hides malware within PNG images to infect victims’ machines with information-stealing malware without raising alarms. This has been confirmed by researchers at Avast, who built upon the findings of ESET, the first to spot and report on Worok’s activity in early…
Five Former Methodist Hospital Employees Charged with HIPAA Violations
Criminal prosecutions under HIPAA are still relatively rare. Here’s one reported by the U.S. Attorney’s Office in the Western District of Tennessee on November 10: Memphis, TN – A federal grand jury has indicted five former Methodist Hospital employees for conspiring with Roderick Harvey, 40, to unlawfully disclose patient information in violation of the Health Insurance…