In November, 2018, this site noted a breach disclosed by Huntsville Hospital involving JobScience, Inc., a vendor providing online job application services. On November 10, we reported that other entities were also affected, such as Tallahassee Memorial Hospital, who had been notified in September by JobScience, and NorthBay Healthcare Corp., who were notified in October….
Category: Of Note
Unsecured Gearbest server exposes millions of shoppers and their orders
Zeljka Zorz reports: Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. According to Rotem, the server was not protected with a password and anyone could access it and search the data. Also, despite assurances from…
Mt Gox Bitcoin exchange’s Karpeles avoids jail time in Japan
Yuri Kageyama reports: Mark Karpeles, who headed Mt. Gox, a Tokyo-based bitcoin exchange that went bankrupt after a massive hacking, was found guilty Friday of manipulating electronic data but cleared of embezzlement and breach of trust charges. The Tokyo District Court handed down a prison sentence of two years and six months, suspended for four…
Are Bug Bounty Programs Worth It?
Julia R. Livingston and Craig A. Newman of Patterson Belknap write: Almost weekly, it seems there is another news article about a bug bounty program sponsored by a major corporation where an amateur hacker – often a teenager – is paid a sizeable sum of money for finding a bug in a company’s operating system…
‘Privacy Is Becoming a Luxury’: What Data Leaks Are Like for the Poor
Elizabeth Brico reports: When Jayne checked her email on the morning of February 13, she didn’t expect to find anything particularly exciting. The 34-year-old, who asked her real name be withheld out of fear that speaking out could affect her housing benefits, was enjoying a rare moment of relative peace on a snow day in…
US Healthcare institutions are vulnerable to phishing attacks: Survey
CISOMag reports on a recent survey and report, Assessment of Employee Susceptibility to Phishing Attacks at US Health Care Institutions, authored by Dr. William Gordon and colleagues. Not surprisingly, the survey found that the healthcare sector was susceptible to phishing attacks. How susceptible, you wonder? William specified that when the researchers sent simulated phishing emails,…