GAO-22-105024 Published: Oct 13, 2021. Publicly Released: Nov 12, 2021. Highlights from the government report: What GAO Found Federal guidance, such as the National Infrastructure Protection Plan (National Plan), specify the roles and responsibilities of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Education’s Office of Safe and Secure…
Category: Commentaries and Analyses
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported the incident to HHS as impacting 109,234 patients. As HHS subsequently summarized things: After the breach, the [Covered Entity] implemented additional administrative and technical safeguards and retrained its staff on the…
VA: Hundreds of parents, students, staff at risk of identity theft as personal records found tossed on floor at Old Pulaski Middle School
Kelsey Jean-Baptiste reports: Concerns about confidential records being found thrown on the ground of the Old Pulaski Middle School have many worried. Hundreds of students, teachers, and staff are now at risk of having their private information stolen. Pulaski School superintendent, Dr. Kevin Siers says the documents date back to the 1970s. In pictures given…
Mom says her 11-year-old son hacked into his school’s virtual system and shut down classes
That feeling when you are told your child is some kind of evil genius/master criminal who has been sabotaging the school district’s network for months…. Jeroslyn Johnson reports: A mom recently went viral on TikTok after finally revealing all the trouble her 11-year-old son has been in due to his amazing tech skills. TikTok user @VictoriaPrettyMuch took to TikTok…
Dutch newspaper accuses US spy agencies of orchestrating 2016 Booking.com breach
Gareth Corfield reports: Jointly US-Dutch owned Booking.com was illegally accessed by an American attacker in 2016 – and the company failed to tell anyone when it became aware of what happened, according to explosive revelations. The alleged miscreant, named as “Andrew”, is said to have stolen “details of thousands of hotel reservations in countries in…
Israeli Cyber Unit action removes Black Shadow Iran-affiliated hacking website
JNS reports: The Israeli Cyber Unit, part of the State Prosecution Office, led the removal of a website belonging to the Black Shadow Iranian-affiliated hacking website after it targeted a number of Israeli websites, Walla reported on Thursday. “The removal of the site means a significant reduction to expose personal materials publicized by Black Shadow, a hacking group affiliated…