Hackers claimed to have hacked hundreds of thousands of records from National Life Group, but investigation points to Sterling National Financial Group as the likely hacked entity The blackhat hacker/extortionist(s) known as thedarkoverlord (TDO) ended 2018 and welcomed 2019 with a number of bold announcements about large hacks. One of those announcements was their claim in a since-removed paste that…
Category: U.S.
Double whammy: BCBS of Michigan policyholders hit by two breaches in December
December appears to have been a rough month for Blue Cross Blue Shield of Michigan. Yesterday, I discovered that they had a second breach that was disclosed last month, although it seems to have flown under most media radar. The first breach, fairly widely reported already, involved a laptop stolen from a subsidiary’s employee that…
Ransomware, phishing attacks top new HHS list of cyberthreats in healthcare
Eli Richman reports: Email phishing attacks, ransomware attacks and attacks against connected medical devices are among the greatest cyberthreats that health systems need to protect against, according to new cybersecurity guidance for health systems from the Department of Health and Human Services.Released last week, the Health Industry Cybersecurity Practices were released to help the industry identify…
Data leak shuts down Alaska’s PFD application website
KTUU reports that Alaska’s Permanent Fund Dividend web site is down and will remain down for now while the state investigates and remediates a data leak. ANCHORAGE, Alaska (KTUU) — Update: 10:27 p.m.:The Alaska Department of Revenue will not reopen the Permanent Fund Dividend application website until the integrity of filer information can be guaranteed, according…
Ohio Moves on Insurance Cybersecurity
Josephine Cicchetti of Carlton Fields writes: Ohio has joined South Carolina in becoming the next state to adopt a variation of the NAIC Insurance Data Security Model Law (“MDL-668”). This legislation makes a number of changes to Ohio’s insurance law, including the addition of a new Chapter 3965, which establishes “standards for data security and…
Six years after massive data breach, SC still fixing security, but ends victim credit monitoring
Andy Shain reports: Six years after one of the nation’s worst data breaches, South Carolina efforts to protect computer records from hackers remain a work in progress, but that did not prevent the end of free credit report monitoring for millions of taxpayers whose information was stolen. […] No arrests have been made in the…