As breaches go, the theft of a USB drive with ePHI on 2,209 insurance members doesn’t sound like a lot, but The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced a settlement with MAPFRE Life Insurance Company of Puerto Rico because of what they found when they investigated the breach…
Category: U.S.
Bitcoin exchange employee pleads guilty in U.S. case tied to hacking
Nate Raymond reports: A Florida man pleaded guilty on Tuesday to charges stemming from his employment with an unlicensed bitcoin exchange that prosecutors say was owned by an Israeli who oversaw a massive scheme to hack companies including JPMorgan Chase & Co. Ricardo Hill, 38, entered his plea in Manhattan federal court to seven counts,…
Fired IT employee offered to unlock data — for $200,000
I think a study I saw recently said about 69% of entities reported data loss or breaches associated with departing employees. Vic Ryckaert reminds us what can happen if you don’t have control of all administrator credentials before you terminate an employee: Indianapolis-based American College of Education fired its information technology employee last year, according to court documents, but…
Sentara notifies 5000+ patients after breach at vendor
WAVY reports: A cyber security breach at a third party vendor for Sentara Healthcare has compromised the records of over 5,000 patients. The incident involves 5,454 vascular and thoracic patients seen between 2012 and 2015 at Sentara hospitals in Virginia. Read more on WAVY. The vendor was not named, nor were many details about the nature of the…
Details of Data Breach at MrExcel.com
Seen at MrExcel.com, a breach disclosure with some plain English writing and transparency. Although it’s not good if the hack occurred because vBulletin hadn’t been patched/updated, this disclosure is an example of clear and helpful writing. 1) What happened? This is Bill Jelen from MrExcel.com. On the morning of December 6, 2016, our moderators detected…
No payoff for hackers, Arkansas school district says
Jack Sandlin reports: Computer hackers infected the Valley Springs School District‘s computer system with malicious software Thursday, locking access and demanding a ransom to restore its files and programs. The hackers demanded a payment of 7,000 British pounds — about $8,500 U.S. dollars — from the school district, Superintendent Judy Green said Friday. The hackers…