Community Health Systems’ bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say. Read more on Dark Reading. If HHS wants to go after CHS, this article certainly lays out the technical security safeguards that may not have been in place.
Category: Commentaries and Analyses
Hacking Exposed 78% Of All Records Compromised In First Half Of 2014
RiskBased Security reports: We are pleased to release our Data Breach QuickView report that shows that 2014 is on pace to replace 2013 as the highest year on record for exposed records, and the recently reported exposure of 1.2 billion email addresses and user names has not been included. The 1331 incidents reported during the first half…
Is your firm violating the Data Protection Act or begging for a hack of its Twitter account? (updated)
ThreeUK, who claim to have a 45% share of all mobile traffic in the UK, has a social media presence on Facebook and Twitter. They also have a dangerous practice of requesting customers provide personal details such as full name, phone number, postcode, and date of birth via direct messages (DM) to their support team, e.g.,…
Comptroller DiNapoli: Schools Must Do More to Limit Access to Sensitive Student Databases
Yes, it’s as bad as I’ve been saying for years. Now if they will just audit the NYC Department of Education, too. Employees in six upstate New York school districts had inappropriate computer access to sensitive student data and were able to change student grades and attendance records without proper authorization, according to an audit released today…
White-hat hackers lifted 560,000 corporate passwords in 31 days. We’re all screwed.
Richard Byrne Reilly reports: The password you use to log into your company network likely sucks. That’s the maybe-not-so-astonishing revelation from a group white-hat hackers who probe for vulnerabilities in corporate networks for a living. Over the course of a year, the hackers at Trustwave attacked more than 626,000 accounts throughout corporate America and were able to successfully crack…
1.4 Million Taxpayers Exposed to ‘increased risk of fraud and identity theft’ by IRS
J.D. Tuccille writes: The geniuses at the Internal Revenue Service gave sensitive data on over a million taxpayers to a printing contractor wiout checking the bona fides of any of the contractor’s employees, says the Treasury Inspector General for Tax Administration. The news comes from a report dated last month but just released to the public. This…