Joe Carlson reports: Medtronic is warning thousands of users of its older insulin pumps worldwide that the devices may contain a serious cybersecurity vulnerability allowing a malicious hacker to change drug-delivery settings and send the patient into a diabetic emergency. The warning applies to Medtronic insulin pumps that were introduced to the market before 2013….
Category: Commentaries and Analyses
Bulgarian IT Specialist in Detention For Vulnerability Demonstration
A reader, Devrimer Duman, alerted me to the following situation, but the original source is in Bulgarian, so I’m going to post the beginning part of Google’s translation: Petko Petkov, the founder of the largest IT space in Stara Zagora, was arrested for 24 hours for a video on Facebook with a demonstration pointing out…
Seven weeks after a crippling ransomware attack, Lake City agrees to pay almost $500,000 ransom demand
On June 11, DataBreaches.net noted a report that Lake City, Florida was struggling to recover from “triple threat ransomware.” The attack had occurred on May 10, and one month later, the city’s landline phones were still knocked out and other services were also affected, although emergency services were operating. Now, one week after another Florida…
Hackers steal data from telcos in espionage campaign: cyber firm
Ari Rabinovitch and Tova Cohen report: Hackers broke into the systems of more than a dozen global telecom firms and stole huge amounts of data in a seven-year spying campaign, researchers from a cyber security company said, identifying links to previous Chinese cyber-espionage activities. Investigators at U.S.-Israeli cyber firm Cybereason said on Tuesday the attackers…
Leaked video exposes how patient data in Hong Kong public hospitals can be accessed by any user without needing a password
Sum Lok-kei and Elizabeth Cheung report: Patient data at Hong Kong’s public hospitals can be accessed by any user with no need for a password, a leaked video shown to the Post and verified by multiple hospital sources has revealed. Software developer Wong Ho-wa warned the program used in public accident and emergency (A&E) wards…
Insurance company AIA fined $10,000 by PDPC for personal data breach
Lester Wong reports from Singapore: Insurance company AIA was fined $10,000 by the Personal Data Protection Commission (PDPC) for mistakenly sending 245 letters meant for various customers to just two people due to a programming error in its software system that auto-generates the letters. The bulk of the letters (237) were premium notice letters for…