Joe Fay reports: Ex-CISA head Jen Easterly claims AI could spell the end of the cybersecurity industry, as the sloppy software and vulnerabilities that criminals rely on will be tracked down faster than ever. Speaking at AuditBoard’s user conference in San Diego, Easterly said the threat landscape has never stopped evolving. The proliferation of data,…
Category: Commentaries and Analyses
ModMed revealed they were victims of a cyberattack in July. Then some data showed up for sale.
Modernizing Medicine (“ModMed”) is a healthcare technology firm that provides Electronic Health Records (EHR) and practice management software to many HIPAA-covered entities. ModMed recently announced that on July 29, it discovered unauthorized activity in some of its computer servers. The servers in question contained data from some of ModMed’s podiatry clients, and the data was…
Confidence in ransomware recovery is high but actual success rates remain low
Ian Barker reports: A new study from OpenText of nearly 1,800 global IT and security leaders shows a false sense of confidence in ransomware readiness. The report shows that 95 percent of respondents say they’re confident in their ransomware recovery — yet only 15 percent of those attacked have fully recovered their data. In a rapidly changing threat landscape…
Protected health information of 462,000 members of Blue Cross Blue Shield of Montana involved in Conduent data breach
WVNews reports that personal and protected health information of 462,000 Montanans was involved in a significant data breach experienced by Conduent Business Services from October 2024 to January 2025. The state’s Insurance and Securities Commission wants to know why Blue Cross Blue Shield of Montana (BCBSMT) didn’t notify the state sooner. The breach came to…
Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
From NY DFS: New York State Department of Financial Services (DFS) Acting Superintendent Kaitlin Asrow today issued new cybersecurity guidance addressing the risks associated with entities becoming increasingly reliant on third-party service providers (TPSPs). The guidance builds on the Department’s ongoing work to protect New Yorkers and DFS-regulated entities from cybersecurity risks through its nation-leading…
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
If the court continues issuing such injunctions, the Department of Telecommunications may need an entire department and staff just to respond to these situations. Should the responsibility be on the DoT, or is there a better way? Azdhan reports: The Bombay High Court has granted urgent ad-interim relief to Generali Central Life Insurance Company after the insurer…