Maybe we should do this one as a “write your own headline” exercise. Earlier this week, Kromtech Security reported that they had uncovered yet another improperly secured AWS S3 bucket that was exposing protected health information. The company that was responsible for the collection of the home monitoring data, Patient Home Monitoring, was exposing what…
Category: Commentaries and Analyses
No holds barred? TheDarkOverlord threatens students with physical violence to send FBI a message to back off
DataBreaches.net has been reporting on TheDarkOverlord (TDO) since they first burst on the scene in June, 2016. Since then, this site has reported on numerous attacks by them on health care entities, financial and business entities, a Hollywood post-production studio, and a defense contractor. Now they have begun to target the education sector, and an official at the…
Office of the Australian Information Commissioner seeks your comment
Notifiable Data Breaches. We are currently seeking public comment on the following draft resources: What to include in an eligible data breach statement; Notifiable Data Breach statement; Exceptions to notification obligations; Guide to OAIC Privacy Regulatory Action – Chapter 9: Data breach incidents; Assessing a suspected data breach. Please provide any comments by 23 October…
Firewalls Don’t Stop Hackers. AI Might.
Scott Rosenberg reports: The cybersecurity industry has always had a fortress mentality: Firewall the perimeter! Harden the system! But that mindset has failed—miserably, as each new headline-generating hack reminds us. Even if you do patch all your software, the way Equifax didn’t, or you randomize all your passwords, the way most of us don’t, bad…
Healthcare Data Breach Litigation Trends
Bryan Cave provides a summary analysis of litigation in terms of what kinds of claims tend to fail to demonstrate standing in class action lawsuits and what types of claims may be sufficient to demonstrate standing. What they don’t show on either side of their chart is the question of “are the data involved highly embarrassing/stigmatizing?”…
7% of All Amazon S3 Servers Are Exposed, Explaining Recent Surge of Data Leaks
Catalin Cimpanu reports: During the past year, there has been a surge in data breach reporting regarding Amazon S3 servers left accessible online, and which were exposing private information from all sorts of companies and their customers. In almost all cases, the reason was that companies, through their staff, left Amazon S3 “buckets” configured to…