WHEC reports that Finger Lakes Health is functioning the old-fashioned way while its computer system remains locked up by an unspecified type of ransomware: The agency said that an outside party is demanding payment to let it access its files. The agency was notified of the breach around midnight Sunday. Officials at Finger Lakes Health say…
Category: U.S.
Public Notification of Data Breaches: Between a Rock and a Hard Place
John Amabile and Micheal Binns of Parker Poe Adams & Bernstein write: A change in emphasis in disputes over data security breaches is coming. To date, the focus has been on issues and potential damages arising from the breach itself and the subsequent loss of private, personal information. In light of recognized delays from both…
Florida Virtual School database now uploaded to HaveIBeenPwned
From Troy Hunt, an aid to parents who want to check if their email address or their child’s email address was in a leaked database: New breach: The Florida Virtual School had 368k student records with 543k email addresses exposed including names, grades and dates of birth. It’s flagged as “sensitive” due to the prevalence…
IA: Primary Health Care notifies patients after discovering hack of employee email accounts
From their press release, issued yesterday: Primary Health Care Inc. (“PHC”) is providing notice of an incident that occurred at PHC and may affect the security of protected health information of certain PHC patients. While PHC is unaware of any actual or attempted misuse of the information, this notice contains details about the incident and…
Frost Bank investigating breach, contacting affected customers (Updated)
RJ Marquez reports: Frost Bank is investigating a breach after the company discovered unauthorized access to digital images stored in those customers’ commercial image archives. The San Antonio based-bank issued a statement that said Frost detected the unauthorized access to a third-party lockbox software program earlier this week and immediately launched an investigation. The software…
DocuTrac medical software is a breach risk, warns Rapid7
Warwick Ashford reports on what seems to me to be yet another case of hard-coded credentials creating a critical vulnerability in protecting patient data, and I, of course, have questions. Ashford reports: The QuicDoc & Office Therapy suite of software produced by DocuTrac contains security vulnerabilities that could allow attackers to gain control of patient…