Darren Pauli reports: The US computer emergency response team has issued a warning after admin credentials were found in a popular medical application used for acquiring patient data. The MEDHOST application is designed for handling the perioperative three stages of surgery including patient tracking, and patient conditions. It can be hosted and managed remotely. About 1,000 healthcare…
Category: Commentaries and Analyses
CFAA overreach: FBI raids home of security researcher
From the stop-me-if-you’ve-heard-this-one-before dept: Over on Daily Dot this morning, I reported that the FBI executed a search warrant at the home of researcher Justin Shafer. Shafer’s name will be familiar to regular readers of DataBreaches.net because he exposed a long-standing security vulnerability in Dentrix software and challenged Henry Schein’s claims that their product provided “encryption.” Our combined efforts resulted in…
Heads Up Internet: Time to Kill Another Dangerous CFAA Bill
Jamie Williams writes: The Computer Fraud and Abuse Act (CFAA), the federal “anti-hacking” statute, is long overdue for reform. The 1986 law—which was prompted in part by fear generated by the 1983 technothriller WarGames—is vague, draconian, and notoriously out of touch with how we use computers today. Unfortunately, Sens. Sheldon Whitehouse and Lindsey Graham are on a mission…
8th Circuit Upholds Data Breach Coverage for Bank Loss Following Hacker’s Fraudulent Transfer
Ken Kronstadt and Crystal Skelton of Kelley Drye & Warren LLP write: Last week, the Eighth Circuit upheld a lower court’s ruling in State Bank of Bellingham v. BancInsure Inc., finding that a bank employee’s negligence in securing its computer network did not preclude coverage for a data breach resulting in a fraudulent funds transfer. The decision…
Swift Hack Probe Expands to Up to a Dozen Banks Beyond Bangladesh
Michael Riley and Alan Katz report: Investigators are examining possible computer breaches at as many as 12 banks linked to Swift’s global payments network that have irregularities similar to those in the theft of $81 million from the Bangladesh central bank, according to a person familiar with the probe. FireEye, the security firm hired by…
Precision Medicine Initiative and Data Security
Secretary Sylvia Mathews Burwell and Lisa O. Monaco write: The health care system of the future is taking shape right now, and the foundation of that new system is health care data that is private, trusted and secure. Today, we are pleased to release the final Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision…