Jean E. Tomasco of Robinson & Cole writes about a breach involving an accounting firm that is a business associate to a number of covered entities. This month, the firm, Bansley & Kierner, issued a notice and started notifying individuals and HHS. But the time frame for discovery and notification has resulted in a potential…
Category: Commentaries and Analyses
N.J. volunteer EMS agency says patient data was breached
Leila Merrill reports: A volunteer EMS agency in New Jersey says in a news release that patient data in New Jersey was breached, and it has requested formal hearings in the state Senate and Assembly Health Committees. The Lincoln Park First Aid Squad, also known as Lincoln Park EMS, announced that it and other squads that are…
Former Uber Chief Security Officer to Face Wire Fraud Charges
SAN FRANCISCO – A federal grand jury handed down a superseding indictment today adding wire fraud to the list of charges pending against Joseph Sullivan for his role in the alleged attempted cover-up of the 2016 hack of Uber Technologies Incorporated, announced Acting United States Attorney Stephanie M. Hinds and FBI Special Agent in Charge…
Data breaches reported so far this year have surpassed full-year 2020
Jessica Kim Cohen reports: The latest data from the Human Services Department’s Office for Civil Rights show the largest number of healthcare data breaches in a year since regulators started tallying them in 2010. This year’s total beat last year’s by a single incident. These breaches didn’t affect as many patients as the worst year…
A reset on ransomware: Dominant variants differ from prior years
As seen on Intel471’s blog: There’s been a shift in the ransomware-as-a-service ecosystem. Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago. Yet, even with the shift in the variants,…
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Vitali Kremez & Yelisey Boguslavskiy write: This redacted report is based on our actual proactive victim breach intelligence and subsequent incident response (not a simulated or sandbox environment) identified via unique high-value Conti ransomware collections at AdvIntel via our product “Andariel.” This is a redacted TLP:WHITE version of the larger AdvIntel findings. Read their report…