Bradley Barth reports: … Researchers at the cybersecurity firm TrapX Security refer to the act of infiltrating or hijacking medical devices as MEDJACK. In a 2015 report, the company cited examples of such attacks in which the malware infection was limited to the device itself. No more, however: In its 2016 MEDJACK.2 report, TrapX revealed examples of…
Category: Commentaries and Analyses
Massachusetts General Hospital Dental Group notifies patients of Patterson FTP server incident
Back in February, this site reported that a Patterson Dental anonymous FTP server was leaking patient data, according to a security researcher who had discovered the problem and reported it to them and then this site. One of the entities, the Massachusetts General Hospital Dental Group, had patient data caught up in that leak, and…
FTC closes 70 percent of data security investigations
Jeremy Snow reports: The Federal Trade Commission closes 70 percent of all formal security investigations it opens on average, FTC Commissioner Maureen Ohlhausen said Tuesday. Ohlhausen gave her insight on FTC’s previous private sector security breaches that caused stolen identities and data during a Heritage Foundation discussion on federal online data security regulation, and how the commission decides when…
C’mon folks, stop screwing up the easy stuff
It’s been what – at least a decade? – since we started seeing reports of personal and corporate information left on drives that were being resold on eBay? And yet even now, 2/3 of drives contain personal or corporate data, according to a new study.
Trying to get Maricopa County to respond to a privacy concern? Good luck with that!
As I’ve lamented (ok, bitched) many times: trying to notify an entity of a privacy or data security concern can be time-consuming and frustrating if the entity does not provide a clear means to notify them or doesn’t respond to your e-mails or calls. If you are thinking of trying to notify Maricopa County, Arizona…
Should the Careless Be Punished for Getting Hacked?
Josephine Wolff, a professor at the Rochester Institute of Technology, believes cybersecurity policy would benefit from a debate about if and when it might be appropriate to punish careless computer users for their role in enabling those criminals. Read more on The Atlantic while I go search for an image of a can of worms. Is…