This report was published December 28, 2017, but I’m first seeing it today. Joe Dexter reports on the devastation Rockingham County Schools experienced after employees fell for a phishing email. The only good news, perhaps, was that personal information did not appear to have been acquired or exfiltrated: All it took was several downloads of…
Category: U.S.
Medical records from defunct spa and wellness centers found dumped in New Bedford
Ashley Cullinane reports: Medical records were found dumped in New Bedford, sparking concern in the community. Private information like social security numbers and licenses are printed in the files, New Bedford Live reported. The records belonged to MD Medical Spa and Wellness Center in Hyannis and Norwell, Massachusetts. The facilities shut down in 2016. Read…
Hancock Health pays $55,000 ransom after SamSam locked up 1400 files; no patient data stolen
Samm Quinn has an update on the Hancock Health ransomware incident first reported the other day. The hospital ultimately paid a $55,000 (4 BTC) ransom to regain access to its systems, because although it could restore from backup, it would have taken more time. The hackers targeted more than 1,400 files, the names of every…
Big businesses band together in urging lawmakers to sell out your privacy
David Lazarus writes: Twenty-two industry groups, representing thousands of U.S. businesses, sent a letter to Congress the other day calling on lawmakers to pass sweeping data-security rules. At first glance, that seems like a really good thing for consumers. Upon closer inspection, however, the letter suggests these corporate heavyweights are aiming to sell out consumers…
FL: Records from defunct finance firm exposed after company closes and leaves them behind
Vic Micolucci reports on yet another case where records with personally identifiable information are left behind – and then disposed of improperly – when a business closes: Hundreds of pages of personal information, including credit card numbers and Social Security numbers, were found in a Jacksonville dumpster behind a business on San Juan Avenue and Blanding…
Inside Uber’s $100,000 Payment to a Hacker, and the Fallout
Nicole Perlroth and Mike Isaac report: “Hello Joe,” read the November 2016 email from someone identifying himself as “John Doughs.” “I have found a major vulnerability in Uber.” The email appeared to be no different from other messages that Joe Sullivan, Uber’s chief security officer, and his team routinely received through the company’s “bug bounty”…