It’s an old story, but it continues to occur: insiders using data to open their own businesses or practices. This time, 800 people are being notified by Windsor area hospitals in Canada that their babies’ data was “inappropriately accessed” by a pediatrician within Windsor Regional Hospital. Travis Fortnum reports: In a statement sent to CTV…
Category: Insider
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
James Coker reports: Cybersecurity awareness training company KnowBe4 has revealed it was duped into hiring a fake IT worker from North Korea, resulting in attempted insider threat activity. The malicious activity was identified and prevented before any illegal access was gained or any data was compromised on KnowBe4 systems. In a blog published on July 23,…
Insider Threat Research by Binghamton University: Are mass layoffs and data breaches connected?
Binghamton University press release by Anthony Borrelli: The WARN notice gets filed, and among the hundreds of workers who will get the proverbial pink slip, one spiteful ex-employee performs a hack that triggers a massive leak of confidential data ranging from bank account information to social security numbers. It sounds like the trappings of a plot out…
Insider Threat: Fake Therapist Fooled Hundreds Online Until She Died, State Records Say
In April 2023, Brightside Health, Inc. reported a breach to HHS that affected 767 patients. The incident was coded as “unauthorized access/disclosure” of information located in “EMR, other.” HHS’s closing statement on the public breach tool described the incident this way: The covered entity (CE), Brightside Health, reported that an unauthorized individual accessed the protected…
Mass General Brigham fires two employees after patient data breach
Bryan Lambert reports: Mass General Brigham says some patients may have had personal information exposed after two employees allegedly allowed an unauthorized person access to private records. The hospital says on April 4 it was made aware of an incident where patients’ personal info, including name, address, medical record number, date of birth, email address,…
Ph: Arrested Data Security Officer Admits To Hacking 93 Websites
Mark Ernest Villeza reports: A data security officer of the Manila Bulletin has admitted to hacking approximately 93 websites, including government and private company websites, as well as servers based abroad. In an interview with ABS-CBN aired on June 24, the hacker with the alias “Kangkong” revealed that he left a specific picture on the compromised websites as…