Today, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of three investigations and one matter before an Administration Law Judge related to compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Two of these cases are part of OCR’s HIPAA Right of Access…
Category: Of Note
Data of 820,000 NYC students compromised in hack of online grading system: Education Dept.
Michael Elsen-Rooney reports: Personal data for roughly 820,000 current and former New York City public school students was compromised in the hack of a widely-used online grading and attendance system earlier this year, city Education Department officials said Friday, revealing what could be the largest-ever breach of K-12 student data in the U.S. Furious city…
Hotel WiFi across MENA compromised and exposing private data
Kareem Chehayeb reports: Pakistani cybersecurity researcher Etizaz Mohsin was in a hotel room in Qatar when he unexpectedly discovered a technical vulnerability in its internet system that exposed the private information of hundreds of hotels and millions of guests worldwide. […] “I found out that there is a service running rsync [file synchronization tool], which…
Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide
The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies…
London police make arrests related to Lapsus$
BBC reports: A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$. The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers. City of London Police say they have arrested seven teenagers in relation to the…
Newer Conti ransomware source code leaked out of revenge
“ContiLeaks,” generally believed to be a Ukrainian security researcher (although that is not confirmed), is at it again. Lawrence Abrams reports that they have now leaked newer malware source code for Conti. Read more about it BleepingComputer.