This week, DataBreaches.net was reminded yet again of the risks of trying to alert an entity to a breach. This time, it was not me who was threatened or any of the whitehat researchers I know. This week, it was a citizen who found patient records on the street in his town and undertook to…
Category: Of Note
Medical Devices Face January 14 D-Day
Medlaw reports: January 14, 2020, Microsoft will stop supporting Windows 7. So what? Well, if you are in the medical community, it could mean the choice between spending big money on updating the operating systems of your medical devices or facing the constant attacks of hackers with vulnerable, out-dated software. Some hospitals have updated medical…
Ransomware at Colorado IT Provider Affects 100+ Dental Offices
Brian Krebs reports: A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known…
Hong Kong schools fall victim to cyberattack, raising fears for private data of pupils
Danny Mok reports: Hackers have broken into a government system used by most of Hong Kong’s schools, raising fears for the personal data of pupils, parents and staff. Eight schools operating a web-based administrative network that stores highly sensitive information were breached, with three of them reporting data leaks, the Education Bureau said on Friday…
NYC Health & Hospitals Corp. investigating alleged employee wrongdoing
NYC Health & Hospitals Corp. posted a notice this week (reproduced below) that suggests that a rogue employee may have been selling PHI to law firms or clinics that specialize in motor vehicle accident patients. Of note, this notice does not specify any one hospital where the employee worked. Did the employee have access to…
Ransomware attack hits major US data center provider
Catalin Cimpanu reports: CyrusOne, one of the biggest data center providers in the US, has suffered a ransomware attack, ZDNet has learned. CyrusOne is currently working with law enforcement and forensics firms to investigate the attack and is also helping customers restore lost data from backups. Read more on ZDNet.