Evan Sweeney reports: The Department of Health and Human Services is exploring potential changes to the agency’s “wall of shame,” a legislatively mandated website that tracks healthcare data breaches dating back to 2009. During a hearing addressing cybersecurity concerns in healthcare last week, Leo Scanlon, deputy chief information security officer at HHS, told Rep. Michael…
Category: Commentaries and Analyses
UK: Gloucester City Council fined by ICO for not updating OpenSSL promptly, which permitted Heartbleed exploitation by Anonymous
The Information Commissioner’s Office (ICO) has fined Gloucester City Council £100,000 after a cyber attacker accessed council employees’ sensitive personal information. The attacker took advantage of a weakness in the council’s website in July 2014, which led to over 30,000 emails being downloaded from council mailboxes. The messages contained financial and sensitive information about council…
You shot the messenger and then needed her help? How did that work out for you?
Some readers might appreciate an update as to what happened when Bronx-Lebanon Hospital Center and iHealth Solutions sent legal threat letters to this site after I notified them and reported that they were leaking protected health information. As I previously noted, I was – and remain – very grateful to Covington & Burling for their representation of me and this…
Romania: Haven for hackers turned cyber sleuths
Vlad Odobescu reports: Razvan Cernaianu once surfed the Internet anonymously and easily broke into the computer systems for NASA, the Pentagon and Oracle. Then he became part of a legion of hackers that turned Romania into a center of international cyber fraud investigators. Now, the 25-year-old is co-founder of Cyber Smart Defense, a security firm…
HospitalGown Database Leak: Enterprise Apps Found Leaking Data On Back End Servers
AJ Dellinger reports: Mobile apps for enterprise services that manage data are leaving massive troves of user information exposed and unprotected on backend servers, according to a group of security researchers. Experts at Appthority, a mobile security firm, published a report that showed 43 terabytes of data from enterprise apps left exposed. The information was…
Anthem, AmEx, PayPal, Must Face ID Theft Suit in Calif.
Jimmy H. Koo reports: Health insurance, financial services, and payment card companies failed to keep a California attorney’s identify theft lawsuit in federal court and must face the allegations back in state court, the U.S. District Court for the Northern District of California held May 31 ( Gallo v. Unknown No. of Identity Thieves ,…