Laura Huatala has a nice piece about those who hunt for leaking databases, find them, and then try to get companies to secure them. I am honored to have been included in her CNET report with the likes of Chris Vickery, Justin Paine, and Bob Diachenko.
Category: Of Note
Equifax Says Cybersecurity Breach Has Cost $1.4 Billion
Emma Hurt reports: Equifax, the Atlanta credit bureau, revealed in its earnings release Friday that dealing with its 2017 cybersecurity incident has cost about $1.4 billion plus legal fees. A year and a half ago, the company, which gathers consumers’ credit histories, revealed a massive security breach compromised the personal information of about 150 million…
April sets new record for number of health data breaches and incidents (updated)
We’ve seen a record number of incidents reported in the first quarter of 2019, and it’s not getting any better in the healthcare sector. Whether you use HHS’s public breach tool, as Modern Healthcare does, or the system DataBreaches.net and Protenus, Inc. use to track U.S. breaches involving medical or health data, April set a…
Crippling ransomware attacks targeting US cities on the rise
Kevin Collier reports: Targeted ransomware attacks on local US government entities — cities, police stations and schools — are on the rise, costing localities millions as some pay off the perpetrators in an effort to untangle themselves and restore vital systems. The tally by cybersecurity firm Recorded Future — one of the first efforts to…
Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies
Executive Summary “Fxmsp” is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to access private corporate and government information. They have a long-standing reputation for selling sensitive information from high-profile global government and corporate entities. In March 2019, Fxmsp stated they could provide exclusive information stolen from three…
25,148 patients served by Southeastern Council on Alcoholism and Drug Dependence notified of ransomware incident
Here’s yet another ransomware incident in which investigators couldn’t really determine whether ePHI were actually accessed, so the entity notified HHS and is notifying patients. In this case, we are dealing with what could be treatment information for more stigmatizing conditions such as alcoholism or addiction. According to their report to HHS, 25,148 patients are…