If you follow HHS’s public breach tool and investigations closely, two reports from the Office of the Inspector General (OIG) finding lax oversight and insufficient follow-up will come as no surprise. Susan Hall of FierceHealthIT has a good recap: The former report was based on reviews of a statistical sample of privacy cases investigated by OCR between September…
Category: Commentaries and Analyses
State auditor to examine cybersecurity in Missouri schools
Excellent. NewsOK reports: State Auditor Nicole Galloway on Wednesday announced the launch of a cybersecurity audit initiative in Missouri schools. The initiative will focus on identifying practices that improve the security of information that schools have on students and their families. Read more on NewsOK.
ATM Skimmer Gang Firebombed Antivirus Firm
Brian Krebs reports: It’s notable whenever cybercime spills over into real-world, physical attacks. This is the story of a Russian security firm whose operations were pelted with Molotov cocktail attacks after exposing an organized crime gang that developed and sold malicious software to steal cash from ATMs. Read more on KrebsOnSecurity.com.
Ca: Tax workers continue to peek at forbidden files: internal reports
Dean Beeby reports: Canada Revenue Agency workers continue to poke into the confidential tax files of friends and foes, despite assurances to Canada’s privacy commissioner that the chronic problem of unauthorized access is being fixed. The 34 significant privacy breaches reported by the CRA to the commissioner in 2014 show all but two were deliberately…
AU: Leaked documents: 31 ‘identified’ privacy breaches not too bad, says Department of Veterans Affairs
Ian McPhedran reports: The Department of Veterans Affairs (DVA) has played down the extent of privacy breaches under departmental document leaks. However the scandal has deepened with more than a dozen veterans and advocates coming forward with examples of serious breaches since News Corp Australia last week revealed that personal documents including medical reports and compensation…
Senator Sheldon Whitehouse Wants to Make the Computer Fraud and Abuse Act Even Easier to Abuse
If you’re a security researcher, you’ll definitely want to read this. Nadia Kayyali writes: This summer, Senator Sheldon Whitehouse introduced an amendment to the flawed Cyber Information Sharing Act (CISA) that would make it even worse, by expanding the broken Computer Fraud and Abuse Act (CFAA). EFF has proposed common sense changes to this federal anti-hacking law, many of which were included in “Aaron’s…