Commentaries and Analyses – Page 208

Learning Opportunities from Ransomware and Redline Infostealer Events Inside America’s Universities

Posted on April 18, 2022 by Dissent

Britton White writes: After a university was recently hit with Ransomware, I decided to research the university’s domain name searching for any users who might have been hit with Redline Infostealer/Malware. To no surprise, I found many students had unknowingly had their saved browser credentials scraped (stolen/exfiltrated). It didn’t take long to find a student…

SuperCare Health Sued After Data Breach

Posted on April 14, 2022 by Dissent

The gap from the disclosure of a data breach to the filing of a potential class-action lawsuit is often a matter of weeks (or less), although a lot of lawsuits are dismissed for lack of Article III standing (see a 2021 review of data breach litigation here). In March, in-home respiratory care provider SuperCare…

Patients increasingly suing hospitals over data breaches

Posted on April 14, 2022 by Dissent

Jeff Lagasse reports: Industries are increasingly being sued by consumers for data breaches, but the sector with the biggest litigation increase is healthcare, according to new findings from the law firm BakerHostetler. In fact, healthcare comprises 23% of lawsuits due to data breaches. The next highest after that is business and professional services at 17%,…

On-the-Spot Intervention 95% Effective in Reducing Healthcare Employees’ Unauthorized Access to Protected Health Information (PHI)

Posted on April 14, 2022 by Dissent

The following is a press release from Protenus. As a reminder/disclosure: DataBreaches.net compiles data and performs some data analytic services for Protenus’s Breach Barometer each year. Protenus is pleased to announce a recent study found that on-the-spot interventions for healthcare employees who inappropriately accessed PHI were 95% effective in preventing repeat offenses. The article, “Effectiveness of…

‘JekyllBot:5’ Vulnerabilities Allow Remote Hacking of Hospital Robots

Posted on April 13, 2022 by Dissent

Eduard Kovacs reports: Cybersecurity researchers specializing in healthcare IoT systems have discovered five serious vulnerabilities that can be exploited to remotely hack Aethon’s TUG autonomous mobile robots. The TUG robots are used by hundreds of hospitals in North America, Europe and Asia to transport goods, materials and clinical supplies. Their role is to give staff…

T-Mobile Tried To Pay Hackers To Buy Leaked Customer Data Back

Posted on April 13, 2022 by Dissent

Abhishek Mishra reports on one of the revelations in court filings related to the arrest of the owner of RaidForums and the takedown of the forum: T-Mobile, one of the largest phone carriers in the U.S., tried to pay the hackers to get back its customer data leaked in a previous breach. The move backfired…