To Report or Not Report Health Care Data Breaches December 11, 2020 Amanda Walden, PhD, RHIA, CHDA , Kendall Cortelyou-Ward, PhD , Meghan Hufstader Gabriel, PhD , Alice Noblin, PhD, RHIA, CCS, PMP The American Journal of Managed Care, December 2020, Volume 26, Issue 12 This study presents information regarding the decisions that health care privacy officers make about reporting a data breach, including…
Category: Of Note
Most Victim Organizations Suffer Second Intrusion Within a Year
Phil Muncaster reports: Security experts have warned victims of sophisticated cyber-attacks not to think of intrusions as a one-off event, as a majority of organizations end up getting hit again within the year. CrowdStrike compiled an analysis of its own incident response and managed services engagements in 2020, to produce the CrowdStrike Services Cyber Front Lines Report….
NEW CISA Alert: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Alert (AA20-345A) SUMMARY: This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the…
Hackers are selling more than 85,000 SQL databases on a dark web portal
Update: To read the original research report on the threat actors and sale/auction on the dark web, see this report by Guardicore. Catalin Cimpanu reports: More than 85,000 SQL databases are currently on sale on a dark web portal for a price of only $550/database. The portal, brought to ZDNet‘s attention earlier today by a security…
KR: Telecom LG U+ fined as a third party downloads and sells customer data
Korea JoongAng Daily reports: LG U+ was hit with 21.6 million won ($20,000) in government fines for a failure to secure customer data, which led to a massive breach and unauthorized sharing of sensitive information. The Personal Information Protection Commission (PIPC) announced Wednesday that it imposed a total of 75 million won in fines on…
FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State
David E. Sanger and Nicole Perlroth report: For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be. Now it looks like the hackers — in this case, evidence points to Russia’s intelligence agencies —…