Several weeks ago, I noted a misconfigured 2014 version of World-Check database and an analysis of its contents. The database contains information on individuals who have histories of allegedly being involved in financial crime, terrorism, or other types of crime. Banks and other institutions use such databases as part of their due diligence. Today, I see that two…
Category: U.S.
Technology firm hack compromised clients’ EHR records: The Dark Overlord
On July 12, the hacker known as “The Dark Overlord” (TDO) offered the source code, software signing keys, and customer license database for a firm that develops and markets software that among other things, implements the HL7 standards. The entity was not named in the listing on TheRealDeal Market. As I reported on July 12, I was…
Shadi.com hacked and data dumped, but do they even know?
From LeakedSource: Shortly after the hack of MuslimMatch.com, Shadi.com another dating site was hacked around July 10th, 2016. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. This data set contains 2,035,020 records. Each record contains an email address and one password. Passwords were stored with no…
Alabama website breach revealed personal data of some state retirees
Mike Cason reports: A Mobile woman who was helping her parents with their state health insurance coverage saw names, dependent’s names, dates of birth and Social Security numbers of other insurance program members on the system’s website. Amanda Murdick said when she opened a portal for members on the website of the Public Education Employees’…
MT: State health employees fired after giving data to lawmakers
AP reports: Montana health officials have fired two employees for providing the Social Security numbers and other personal information of 185 childcare providers to three state legislators. The Associated Press obtained copies of letters mailed to the Republican lawmakers from Department of Public Health and Human Services director Richard Opper asking them to destroy the…
New HHS guidance on Ransomware and HIPAA
I hate it when I tweet something but forget to post it. In today’s installment of “Smacking Myself in the Forehead,” I remember to tell readers that HHS has issued a new guidance on ransomware and HIPAA. A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since…