I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…
Category: Health Data
Chinese hackers target Indian vaccine makers SII, Bharat Biotech, says security firm
Reuters reports: A Chinese state-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country’s immunisation campaign, cyber intelligence firm Cyfirma told Reuters. Read more on CNBC
Universal Health Services lost $67 million in cyberattack recovery
Ginger Christ reports: Universal Health Services said Thursday that the company lost $67 million in the second half of 2020 as a result of a September cyberattack. The Sept. 29 malware attack caused King of Prussia, Pa.-based UHS to temporarily take all of its U.S. information technology networks offline, including systems for medical records, laboratories and pharmacies. Servers…
The Jones Day dump contains prescription drug records. Who’s notifying those patients of the breach?
By now, many are aware that Jones Day, a giant law firm, had some of its files stolen due to vulnerabilities in the standalone file transfer administration system by Accellion. Jones Day is one of dozens of Accellion clients that have found themselves investigating and dealing with breaches affecting their businesses and clients. The Jones…
Jamaica’s JamCOVID pulled offline after third security lapse exposed travelers’ data
Zack Whittaker reports: Jamaica’s JamCOVID app and website were taken offline late on Thursday following a third security lapse, which exposed quarantine orders on more than half a million travelers to the island. JamCOVID was set up last year to help the government process travelers arriving on the island. Quarantine orders are issued by the…
New tool reveals security and privacy issues with contact tracing apps
COVIDGuardian, the first automated security and privacy assessment tool, tests contact tracing apps for potential threats such as malware, embedded trackers and private information leakage. Using the COVIDGuardian tool, cybersecurity experts assessed 40 Covid-19 contact tracing apps that have been employed worldwide for potential privacy and security threats. Their findings include that: 72.5 per cent…