Regular readers will realize that I’ve been reporting on the Summit Reinsurance breach since it first appeared in a covered entity’s disclosure back in November. Since then, I’ve been compiling and/or reporting on other entities affected by the ransomware attack that they discovered August 8, 2016. So seven months after discovery, they are first issuing a public…
Category: Commentaries and Analyses
Chinese police make 96 arrests in latest operation against personal data theft
Laura Zhou reports: Chinese police have arrested 96 suspects over data theft, in a case that exposes the challenges facing the country from a rampant trade in citizen’s private information, the state broadcaster reported. In one of the biggest operations of its kind, police raided sites in 14 provinces including Anhui, Henan and Liaoning, as…
Law Firm Sued for Alleged Lax Data Security Avoids Class Action
Derek Borchardt and Michael F. Buchanan have an update on litigation previously noted on this site. At its heart, a lawsuit claimed a Chicago law firm, Johnson & Bell, had inadequate data security. There was no allegation of any actual breach – the suit was over inadequate data security. Back in December of last year, we reported that for the…
Study: Healthcare Organizations Are Top Targets for Hackers – 68% Have Compromised Email Credentials
Presser, but has some interesting findings: Evolve IP, The Cloud Services Company™, today released the results of a study of Dark Web email vulnerabilities in the healthcare industry. The research, conducted in a collaboration between Evolve IP and ID Agent, reveals the pervasive nature of email-based cybersecurity attacks and sheds light on the quantity, variety, sources…
Has W-2 fraud overtaken healthcare as the most lucrative target for cyber-criminals?
Michael Bruemmer, a vice president with the Experian Data Breach Resolution group, poses a question about whether W-2 fraud has become the most lucrative target for criminals when attacking the healthcare sector. But the data he points to – some of which is based on the work DataBreaches.net is doing with Steve Ragan of Salted Hash,…
Yahoo says 32m user accounts were accessed via cookie forging attack
Asha McLean reports: Yahoo has said that an unauthorised third party accessed the company’s proprietary code to learn how to forge certain cookies, which it said resulted in an intruder accessing approximately 32 million user accounts without a password. “The outside forensic experts have identified approximately 32 million user accounts for which they believe forged…