Another hospital has been hit with ransomware. The following is a Google translation of a report The CHwapi, hospital center of Picardy Wallonia in Tournai, was the victim of a computer attack on Sunday evening. All non-urgent operations were canceled on Monday. No ransom demand has been demanded, according to management. The CHwapi was the…
Category: Of Note
Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation’s Cloud Services
Graham Cluley writes: The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety…
Cz: They attacked Hospital of Aftercare in Horažďovice; police are investigating
Jan Horák reports (translation): According to the findings of Aktuálně.cz, criminal investigators are revealing the background to the hacker attack on the aftercare hospital. Hackers attacked a medical facility in Horažďovice last week, knocking out part of its information systems. The hospital now operates without restrictions. The National Office for Cyber and Information Security consulted with the facility…
Excellus to pay $5 million to settle charges stemming from breach that impacted 9.3 million
Excellus Health Plan, Inc. has agreed to pay $5.1 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach…
Polish DPA fines Virgin Mobile Polska €460,000: Incidental safeguards review is not regular testing of technical measures
The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 1.9 million (EUR 460,000) on Virgin Mobile Polska for the lack of implemented appropriate technical and organisational measures to ensure the security of the processed data. UODO stated that the company infringed the principles of data confidentiality and accountability specified in…
M.D. Anderson’s $4.3 Million Fine for Patient Data Loss Vacated
This is huge. Mary Anne Pazanowski reports: The University of Texas’s M.D. Anderson Cancer Center dodged a $4.3 million fine for losing over 35,000 people’s protected health information after the Fifth Circuit ruled Thursday that HHS acted arbitrarily and capriciously in finding that the provider violated two information security regulations. You can read more on…