Executive Summary “Fxmsp” is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to access private corporate and government information. They have a long-standing reputation for selling sensitive information from high-profile global government and corporate entities. In March 2019, Fxmsp stated they could provide exclusive information stolen from three…
Category: Of Note
25,148 patients served by Southeastern Council on Alcoholism and Drug Dependence notified of ransomware incident
Here’s yet another ransomware incident in which investigators couldn’t really determine whether ePHI were actually accessed, so the entity notified HHS and is notifying patients. In this case, we are dealing with what could be treatment information for more stigmatizing conditions such as alcoholism or addiction. According to their report to HHS, 25,148 patients are…
American Medical Collection Agency breach impacted 200,000 patients – Gemini Advisory
A data breach involving a medical collection agency affected more than 200,000 patients who had used the firm’s online payment portal between September, 2018 and the beginning of March, 2019. At the end of February, Gemini Advisory analysts identified a Card Not Present (CNP) database that had been posted for sale in a dark web…
Member of Sophisticated China-Based Hacking Group Indicted for Series of Computer Intrusions, Including 2015 Data Breach of Health Insurer Anthem Inc. Affecting Over 78 Million People
More than four years from hack to indictment. How many more until they actually have the alleged hackers in custody? From the U.S. Department of Justice, this press release today: A federal grand jury returned an indictment unsealed today in Indianapolis, Indiana, charging a Chinese national as part of an extremely sophisticated hacking group operating…
Database With Millions of Indian Personal Records Exposed and Hijacked
Bob Diachenko writes: On May 1st, I have discovered an unprotected and publicly indexed MongoDB database which contained 275,265,298 records with personal identifiable information (PII) on Indian citizens, including the following fields: Name Email Gender Education level and area of speciazliation Professional skills / functional area Mobile phone number Employment history and current employer Date of…
Spectrum Health Lakeland notifies patients after billing vendor breach
I’m not finding anything on their web site just yet, but Spectrum Health Lakeland has reportedly been notifying patients about a breach involving their billing provider, OS Inc. WSJM reports that the health system learned of the breach on March 8 after an OS employee’s email account containing patient information was accessed without authorization. The information…