Mogin Rubin writes: The personal loan information of certain #AmeriFirst Financial, Inc., customers have been compromised, according to the bank’s “data security incident” notification. AmeriFirst said it discovered the breach on April 12, 2021, which infiltrated the bank’s data storage from Dec. 2 to Dec. 10, 2020. Read more on The National Law Review.
Category: U.S.
Thrifty Drug discloses security breach
Thrifty Drug Stores Inc., which does business as Thrifty White, is notifying customers about a security breach. Thrifty Drug in a statement said it worked with a business associate, Capture Rx, that discovered certain files on its system were accessed without authorization in February. Read more on Bismarck Tribune.
NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses
Kate Hanniford of Alston & Bird writes: Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of…
Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1
Implementing the HIPAA Security Rule: Call for Comments on NIST SP 800-66, Revision 1 The National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (“Resource Guide”). NIST is seeking stakeholder input…
Sekurak blog interviewed Babuk about Metropolitan DC Police attack
A blogger from Sekurak (a Polish blog) conducted a great interview with Babuk yesterday. You can read the write-up here. Here’s a snippet from it: sekurak : How did you get to the police infrastructure in Washington? Babuk : 0-day VPN. We can’t say anything else, it’s 0-day after all. sekurak : When did the Washington Police realize that…
Ransomware gang leaks court and prisoner files from Illinois Attorney General Office
Catalin Cimpanu has an update to a situation first reported on DataBreaches.net last week. The operators of the DopplePaymer ransomware have leaked a large collection of files from the Illinois Office of the Attorney General after negotiations have broken down and officials refused to pay a ransom demand, The Record has learned. Perhaps the most interesting…