A snippet from another great read by WIRED: After a typical sleepless night at his keyboard, 19-year-old Josiah White sat staring at the three flatscreen monitors he’d set up on a workbench in a messy basement storage area connected to the bedroom he shared with his brother in their parents’ house. He was surrounded by…
Category: Commentaries and Analyses
Cyber incident shuts down Otsego Memorial Hospital computers
Mardi Link reports: Munson Healthcare officials are investigating a cyber incident at Otsego Memorial Hospital in Gaylord, that in October prompted a shutdown of the hospital’s computer system. Munson Healthcare acquired Otsego Memorial in 2018 and a Munson spokesperson said the shutdown was limited to Gaylord only, and officials have no reason to believe patient…
If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures
— An OpEd by DataBreaches– When it comes to data breach disclosures, the very same entities who claim to take our privacy and security very, very seriously are generally not being transparent in their breach disclosures. Their refusal to be transparent often results in consumers and patients being left in the dark about the risks…
Was a recent OCR settlement fair? Maybe, but maybe not.
Sometimes you think you did a good job — and sometimes you actually did do a good job compared to everyone else — but someone comes along and says what you did wasn’t satisfactory at all. And when that “someone” is the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR),…
It’s Still Easy for Anyone to Become You at Experian
Brian Krebs reports: In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at…
Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools
It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start selling the data they exfiltrated. In an introductory post today on Breach Forums, they write: We are SingularityMD. We specialize in low sophistication corporate network infiltration. We are behind the following hacks…