Joe Carlson reports: Blue Cross Blue Shield of Minnesota is working rapidly to shore up its cybersecurity defenses after an internal whistleblower raised alarm that the state’s largest health insurer had long neglected thousands of important updates. Internal documents show that Minnesota Blue Cross allowed 200,000 vulnerabilities classified as “critical” or “severe” to linger for…
Category: U.S.
AG Josh Shapiro reaches settlement with Expedia and Orbitz in 2018 data breach
Valeria de Leon reports: Attorney General Josh Shapiro announced on Friday, he reached a settlement with two online travel reservation companies after they potentially exposed information of thousands of people, including Pennsylvanians. The settlement follows an investigation led by Deputy Attorney General Timothy R. Murphy, into a data breach in 2018 involving Orbitz and its…
TX: City of Odessa notifies residents of Click2Gov breach
Seen on the city’s website: Post Date:12/12/2019 4:54 PM Click2Gov Security Breach ODESSA – We have learned of a data security incident that occurred between August 27, 2019 and October 14, 2019 that involved some of our customers’ credit/debit card information. The City of Odessa utilizes a third-party software product called Click2Gov to provide our…
Hackensack Meridian: We paid ransom to hackers to stop hospital cyber-attack
Michael L. Diamond reports: Hackensack Meridian Health paid an undisclosed amount in ransom to stop a cyber-attack that has disrupted the hospital owner’s computer network since it began last week, the company said Friday. The Edison-based company said it had insurance to help cover the costs associated with cyber-attacks, including payment, remediation and recovery efforts….
On the notification warpath, Friday edition
In 2006, I started advocating that there needs to be a law or regulation that requires businesses to have a method to receive notifications of security alerts. A number of people I respect offered explanations as to why that wasn’t a great idea. But 13 years later, I’m more convinced than ever that we need…
Louisiana Community College System Hit with Ransomware
Mark Ballard reports: Going into commencement, Baton Rouge Community College computers were hit with ransomware. The Louisiana State Police have been called in and the computer servers have been shut down, Kizzy Payton, BRCC’s spokeswoman said Wednesday. […] Tech personnel were unsure if BRCC’s computers had been hacked as the state’s system was last month….