Commentaries and Analyses – Page 38

HHS Statement Regarding the Cyberattack on Change Healthcare

Posted on March 6, 2024 by Dissent

March 5. The U.S. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on health care operations across the country. HHS’ first priority is to help coordinate…

Three recent breach disclosures remind us how seldom timely breach notification is enforced under HITECH

Posted on March 4, 2024 by Dissent

Three recent data breach disclosures involving patient data all exceeded HIPAA’s 60-day deadline to notify HHS and individuals. Yakima Valley Radiology A breach involving the Washington state radiology service was added to Karakurt’s leak site in November 2023 with a listing claiming — without proof — that they had acquired 9.31 GB of files with financial…

EPIC Emphasizes That FCC Pilot Program Protect Student Privacy, Not Just School Cybersecurity

Posted on March 3, 2024 by Dissent

From the good folks at EPIC.org: On February 27, EPIC filed reply comments with the Federal Communications Commission supporting the FCC’s proposal to use funds from its E-Rate program to support strengthening cybersecurity at schools and libraries, as these are increasingly attractive targets to hackers. The E-Rate program uses discounted pricing to facilitate schools and libraries providing…

These Video Doorbells Have Terrible Security. Amazon Sells Them Anyway.

Posted on March 1, 2024 by Dissent

Stacey Higginbotham and Daniel Wroclawski report: On a recent Thursday afternoon, a Consumer Reports journalist received an email containing a grainy image of herself waving at a doorbell camera she’d set up at her back door. If the message came from a complete stranger, it would have been alarming. Instead, it was sent by Steve…

CISA Alert CodeAA23-353A: ALPHV BlackCat

Posted on February 28, 2024 by Dissent

February 27, 2024: SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware….

School cyber incidents on Long Island: Reported cases rose sharply in 2023

Posted on February 25, 2024 by Dissent

Craig Schneider reports: Long Island schools saw a big increase in the number of reported computer hacks and other cyber incidents in 2023 compared to the prior year, and human error continued to be a major cause of exposing sensitive student information such as special education disabilities and disciplinary problems, records show. Island schools suffered…