Laser & Dermatologic Surgery Center in Missouri notified HHS last month about an incident affecting 31,000 patients, but the submission was not added to the breach tool until this month, and no details had been readily available online until now. I recently spoke with their practice manager, who provided me with a copy of their notice…
Category: Malware
Cici’s Pizza: Card Breach at 130+ Locations
Brian Krebs reports: Cici’s Pizza, a Coppell, Texas-based fast-casual restaurant chain, today acknowledged a credit card breach at more than 135 locations. The disclosure comes more than a month after KrebsOnSecurity first broke the news of the intrusion, offering readers a sneak peak inside the sprawling cybercrime machine that thieves used to siphon card data from Cici’s customers…
Saint John Development Corporation finds cyber attack damage
Rachel Cave reports: The Saint John Development Corporation says it’s working to restore an annual report that it lost to a cyber attack in early 2015. “We lost a lot of our data,” said General Manager Kent MacIntyre. “We had some [Saint John] city IT people working with us to try to recover that but…
New HHS guidance on Ransomware and HIPAA
I hate it when I tweet something but forget to post it. In today’s installment of “Smacking Myself in the Forehead,” I remember to tell readers that HHS has issued a new guidance on ransomware and HIPAA. A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since…
PA: Ransomware attacks info of 13K patients at Ambulatory Surgery Center at St. Mary
Jenny Wagner reports: The Ambulatory Surgery Center at St. Mary is alerting approximately 13,000 patients about a recent data breach involving their personal information. In letters sent to patients last week, the center, which provides outpatient surgical and diagnostic procedures, explained that staff members discovered the breach June 1 when they noticed encrypted files on…
IoT Medical Devices: A Prescription for Disaster
Tom Spring reports: Late last month, TrapX Labs’ security team spotted an uptick in the prevalence of a new more virulent strain of malware targeting hospitals and their IoT equipment. Researchers discovered attackers targeting unpatched medical equipment running Windows XP and Windows 7 with variations of attacks such as the Conficker worm, long thought obsolete. The…