I’ve just read a breach notification from an incident that was reported to HHS as impacting 25,000. Reading it, it sounds like someone tried to tip the entity that they had a vulnerability and the tipster provided proof. But then their investigation couldn’t definitively prove that no data had ever been accessed or exfiltrated or…
Category: U.S.
Hackers Smell Blood as Schools Grapple With Virtual Instruction
David Uberti reports that it’s been a rough school year already in terms of cybersecurity. And he wisely reached out to Doug Levin for his input. Doug created and maintains a wonderful resource — the K-12 Cybersecurity Resource Center that maps reports in k-12 from around the country. At least 289 districts across the U.S….
Ransomware Attack on a Major Health Tech Firm Slows Down Several COVID-19 Clinical Trials
Alicia Hope reports: A ransomware attack targeting medical technology firm slowed down clinical trials for the past two weeks, according to the New York Times. The attack targeted a Philadelphia company that develops software for clinical trials, including the crash effort to develop rapid coronavirus tests, treatment, and the vaccine. The attack on eResearch Technology forced…
Ca: Western students alerted about security breach at exam monitor Proctortrack
Andrew Lupton reports: A security breach of Proctortrack, the software Western University uses to monitor student exams remotely, is adding new fuel to a debate raging on campus over privacy concerns about the program. Proctortrack allows students to be monitored to prevent cheating while they take exams at home using their own computers. The program…
OH: Potential class action against Health Recovery Services survives motion to dismiss
In April 2019, this site reported on a breach disclosed by Health Recovery Services (HRS). In October, 2019, Troy Foster sued them over the breach. I noted at the time that I was surprised at the claim concerning delayed notification when he had been notified in 60 days. I was not surprised to now read…
More details emerge on Hall County, Georgia ransomware attack
As reported previously on this site, Hall County, Georgia had revealed a ransomware attack on October 7, but until now, we didn’t know who attacked them. Now the threat actors known as DoppelPaymer have added Hall County to their dedicated leak site. In their updates, the county had reported: At this time, there is no…