Bill Toulas reports: A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer. A press release published yesterday by the South East Regional Organised Crime Unit (SEROCU) explains that in February 2018, the convicted man, Ashley Liles, worked as an IT Security Analyst…
Category: Insider
Warnings over NHS data privacy after ‘stalker’ doctor shares woman’s records
Today’s reminder that insider snooping can leave patients anxious, angry, and distrustful of ever sharing their protected health information again — even if they are not the patient who was victimized. Denis Campbell reports on an insider snooping case involving the UK’s NHS: The confidentiality of NHS medical records has been thrown into doubt after a “stalker”…
Six years prison for ex-Ubiquiti staffer who stole data and attempted to extort millions of dollars
Graham Cluley writes: A former software engineer at Ubiquit Networks has been sent to prison for six years after stealing gigabytes of data from the firm, attempting to extort millions of dollars, and harming the company’s reputation in the media. Back in January 2021, networking manufacturer Ubiquiti told users to change their passwords and enable two-factor authentication (2FA),…
NY: Catholic Health patients may have fallen victim to data breach by a consultant’s employee
Evan Anstey reports: Some of Catholic Health’s long-term care residents may have fallen victim to a data breach that took place over the summer. The health organization says Minimum Data Set Consultants (MDS), a firm that provides consulting services to skilled nursing facilities, was the target of the breach. MDS started investigating this in March,…
Jack Teixeira’s February 2022 Logs. Why wasn’t the insider threat prevented or detected?
Over on EmptyWheel, natsec journalist and blogger Marcy Wheeler writes, “In a motion to keep Jack Teixiera jailed, the government provided more details about what an unstable nut they gave access to the US’ most sensitive secrets.” Read Marcy’s post. Reading the logs from the perspective of someone who has blogged about insider threats and data…
Former Methodist employees plead guilty to HIPAA violations
There’s an update to a case announced in November 2022 in which five former Methodist Hospital employees in Memphis Tennessee were charged with criminal violations of HIPAA. According to the indictment, between November 2017 and December 2020, the five were charged with conspiring with Roderick Harvey to unlawfully disclose patient information in violation HIPAA. Harvey…