I am so glad to see a follow-up on this case because I had the same questions about how and why Walgreens did not suffer the same federal penalties as CVS and Rite Aid for the same infringement of HIPAA. My original coverage of this breach is no longer online as the former version of…
Author: Dissent
AZ: 200 Kingman residents affected by city’s cyber attack; cause still not determined
AP reports: A recent investigation into a massive cyberattack against the city of Kingman shows that up to 200 residents had their personal information breached, yet the city still can’t explain how their system was infiltrated. Kingman city officials said the completed investigation revealed that a “limited number” of residents’ information were affected by the…
A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab
Zack Whittaker reports: A Bahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand covert compromises, say researchers at Citizen Lab. The activist, who remains in Bahrain and asked not to be named, is a member of the Bahrain Center for…
Update on Eskenazi Health Cyber Incident
Eskenazi has issued an updated notice about their security incident. They talk about “if they find” PII or PHI, but the reality is that this site already saw and reported that there was such information in the data dumped by Vice Society. From this site’s perspective, the only question is how many employees and patients…
Pysa threat actors’ script shows exactly the files they’re after
Lawrence Abrams reports: A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. […] Yesterday, MalwareHunterTeam shared a PowerShell script with BleepingComputer used by the Pysa ransomware operation to search for and exfiltrate data from a server. This script is designed…
Hacking group nicknamed SparklingGoblin is accused of stealing usernames and IP addresses from US computer retailer and Canadian schools
Adam Manno reports: A hacking group has targeted the networks of US media and retail companies to gather usernames and IP addresses, according to research from an antivirus company. Slovakia-based cybersecurity company Eset has identified a ‘backdoor’ used by a group it calls SparklingGoblin to enter firm’s supposedly secure servers, according to a post on the company’s…