Brian Krebs reports: There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while…
Category: Commentaries and Analyses
Four HIPAA Enforcement Actions Hold Healthcare Providers Accountable With Compliance
Today, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of three investigations and one matter before an Administration Law Judge related to compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Two of these cases are part of OCR’s HIPAA Right of Access…
IL: Blessing details defenses amid increasing health system cyber-attacks
Ryan Hill reports: Hospitals and health systems are finding themselves in the crosshairs of cybercriminals more frequently. According to third party cybersecurity company Black Kite’s 2021 Third Party Breach report, attacks on healthcare companies accounted for nearly a third of attacks in 2021. Blessing Health information security chief Todd Haverstock said he has seen the number…
Long Island schools hit with 29 ransomware attacks, hacks, other cyber incidents in past 3 years
Craig Schneider and Joie Tyrell report: Long Island schools suffered from at least 29 incidents of ransomware, computer hacks and other cyber incidents over the past three years, ranging from attacks that crippled computer networks to worker errors that exposed Social Security numbers, addresses and other private information, according to records obtained from the state Education…
In Act of Hacktivism, Open Source Project Maintainer Uses Code to Wipe Russian and Belarusian Computers
Scott Ikeda reports: Many criminal hacking gangs originate from Russia and nearby points in Eastern Europe, and their ransomware and malware is sometimes found with settings that automatically disable it if regional languages are set on the target computer. An open source project maintainer essentially did the opposite in protest of the war in Ukraine,…
Okta’s response to Lapsus$’s claimed hack has people asking, “Why didn’t you tell us in January?”
Yesterday was not a great day for Okta. Their CSO, David Bradbury, issued a statement responding to Lapsus$’s claimed hack, but his statement led to a counter-response by Lapsus$ and even more critically, perhaps, people started asking why, if Okta knew about something in January, they had not disclosed it then. First, here’s Bradbury’s statement:…