Censys recently published a new research report that looks at exposed data on the internet involving healthcare devices and systems connected to PHI. Here’s their Executive Summary: Censys discovered 14,004 unique IP addresses exposing healthcare devices and data systems connected to potentially sensitive medical information on the public internet. These exposures greatly raise the risk of unauthorized…
Category: Of Note
2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’
DataBreaches recently posted a press release from HHS OCR that announced a settlement with Cascade Eye and Skin Centers following a ransomware investigation. Theresa Defino of Report on Patient Privacy (RPP) dug into the incident and investigation more, and her reporting services as a great reminder that HHS’s press releases frequently do not really answer…
Dutch police post warning message in Telegram groups after four data broker arrests
After various investigations, the police have arrested several data traders in various locations in the Netherlands in the past period. They are suspected of involvement in the sale of personal data. This data was traded within various Telegram groups. In these groups, warning messages are now being placed by the police. Through data theft, hacks…
Birth Choice of San Marcos to notify patients of breach at National Diagnostic Imaging
On March 16, 2024, National Diagnostic Imaging (NDI) experienced a network disruption. Their investigation subsequently revealed that they had been the victim of unauthorized access between February 19, 2024, and March 27, 2024. According to a letter from one of their clients, they notified Birth Choice of San Marcos on August 19 of the scope…
NYDFS Superintendent Adrienne A. Harris Issues New Guidance to Address Cybersecurity Risks Arising from Artificial Intelligence
October 16, 2024 New York State Department of Financial Services (DFS) Superintendent Adrienne A. Harris today issued new guidance to assist regulated entities in addressing and combating cybersecurity risks arising from artificial intelligence. The guidance builds on the Department’s ongoing work to protect New Yorkers and DFS-licensed entities from cybersecurity risks through its nation-leading cybersecurity…
FBI Arrests Alabama Man in the January 2024 SEC X Hack that Spiked the Value of Bitcoin
Kelvin Munene Murithi reports: The FBI has arrested Eric Council Jr., 25, of Athens, Alabama, in connection with the January 2024 unauthorized takeover of the U.S. Securities and Exchange Commission’s (SEC) X account, previously known as Twitter. The arrest follows allegations that Council played a key role in a hacking incident that led to a…