Regular readers of this site will remember the Hollywood Presbyterian Medical Center ransomware incident, if for no other reason than it was the first time we had a medical center publicly revealing that they had been hit by ransomware and had decided to pay the ransom (approximately $17,000) than risk a shutdown of life-saving equipment….
Category: Commentaries and Analyses
Analysis of August healthcare breaches highlights hacking incidents
Protenus’s Breach Barometer for August notes that hacking incidents accounted for 54.5% of the health data breaches disclosed in August and 95% of the 673,934 breached records for August incidents. Also of note: Extortion demands and non-automated ransom demands also continue to plague the healthcare industry, although in many cases, media reports and HHS reports make no mention…
California Court Weighs in on the FTC’s Data Security Enforcement Authority
Kade N. Olsen and Craig A. Newman report on a court opinion in the D-Link case – a case that addresses some of the issues also raised in LabMD vs. FTC: Yesterday, a District Court in Northern California weighed in on the U.S. Federal Trade Commission’s (FTC) authority to protect consumers from “unfair” and “deceptive”…
Did a media blackout on reporting on TheDarkOverlord allow them to mushroom in the dark?
By the end of 2016, a number of journalists and/or their employers had made an ethical decision not to report on hacks and in-progress extortion attempts by TheDarkOverlord. But did the lack of coverage enable the criminals to expand their operations without any public attention or public pressure on law enforcement to pursue them aggressively? …
TheDarkOverlord v2.0: now with threats of physical violence?
You may have never heard of Flathead Valley in Montana. I’ll admit that I had never heard of it until tonight when I received a tip to go look at a post on their sheriff’s Facebook page. And that’s when I learned that Flathead County schools had not only been hacked and threatened if they didn’t…
More than four months after phishing attack, AU Medical Center notifies patients and employees
I had this deja vu feeling reading a report by Tom Corwin: Nearly five months after it happened, AU Medical Center announced that some patients may have had their personal information compromised by an attack on faculty email accounts, the hospital announced today. The attack known as phishing, where users unknowingly open up legitimate-seeming but…