Lawrence Abrams reports: The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. Contec is a China-based company that specializes in healthcare technology, offering…
Category: Breach Incidents
Do-Over: “Pompompurin” to be Re-Sentenced (1)
When the owner of the original BreachForums, Conor Fitzpatrick, aka “Pompompurin,” was sentenced in January of 2024 to time served plus 20 years supervised release with special conditions, it was a shock. Although young, Fitzpatrick had pleaded guilty to conspiracy to commit access device, access device fraud, and possession of child pornography. Based on federal…
NY Attorney General James Announces Court Win Allowing Lawsuit Against Citibank to Continue
AG James Sued Citi for Failing to Protect Customers from Fraud, Costing New Yorkers Millions NEW YORK – New York Attorney General Letitia James today announced a significant victory in her case against Citibank (Citi) after a judge denied Citi’s motion to dismiss the Office of the Attorney General’s (OAG) lawsuit on its core claims…
FBI Warned Agents It Believes Phone Logs Hacked Last Year
Jake Bleiberg and Margi Murphy FBI leaders have warned that they believe hackers who broke into AT&T Inc.’s system last year stole months of their agents’ call and text logs, setting off a race within the bureau to protect the identities of confidential informants, a document reviewed by Bloomberg News shows. FBI officials told agents across the country that details…
MedSave Health Insurance TPA hacked; firm has yet to comment or respond
The individual known as “0mid16B” has been busy, it seems. They contacted DataBreaches on Wednesday to announce that they had hacked MedSave Health Insurance TPA Ltd (“MedSave”). MedSave is a third party administrator in India that partners with more than 10 insurance companies, processing and settling claims submitted by hospitals or insured members. MedSave lists…
HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $10,000
Settlement with Northeast Surgical Group marks OCR’s 10th ransomware enforcement action and 4th enforcement action in OCR’s Risk Analysis Initiative. Today the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Northeast Surgical Group, P.C. (NESG), a provider of surgical services in Michigan, for a potential violation…