AP reports: The chief counsel for U.S. Immigration and Customs Enforcement in Seattle has been charged with stealing immigrants’ identities. Raphael A. Sanchez, who resigned from the agency effective Monday, faces one count of aggravated identity theft and another of wire fraud in a charging document filed Monday in U.S. District Court. Prosecutors with the…
Category: Of Note
Consequences for HIPAA violations don’t stop when a business closes
There’s a new settlement announcement from HHS OCR that makes clear that even if an entity closes its doors, any HIPAA enforcement action continues: A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $100,000 out of the receivership estate to the U.S. Department of Health and Human Services (HHS) Office…
Education Department Toughens Tone on Cyber and Threatens to Pull Funding for Non-Compliance
Sara A. Arrow and Craig A. Newman Recently-issued guidance from the U.S. Department of Education (ED) threatens to “yank” Title IV funding for post-secondary institutions lacking appropriate data security safeguards. The guidance comes as the risk of educational data breaches has intensified, as we have previously reported. The stakes are even higher now that ED…
AMP Global Clearing LLC fined for lax security
A monetary penalty resulted from a misconfigured backup uncovered by Chris Vickery, who was then with Kromtech Security. It was reported publicly in April, 2017 by a number of outlets, including The Daily Dot. This was one of those cases where a vendor’s mistake turned out to be costly. The Commodity Futures Trading Commission (CFTC)…
One Plugin, Over 4,200 Victims – When Thousands of Government Websites Were Hijacked to Mine Monero
Rafia Shaikh reports: Thousands of websites around the world were targeted by cryptojackers over the weekend to mine Monero. The targets included websites run by the US and UK governments that were secretly hijacked by attackers to mine cryptocurrency using a compromised plugin, Browsealoud. Over 4,200 websites are in the victims list [link], including The City University of…
Equifax Hack Might Be Worse Than You Think
AnnaMaria Andriotis reports: Hackers in the Equifax Inc. breach accessed more of consumers’ personal information than the company disclosed publicly last year. Equifax said, in a document submitted to the Senate Banking Committee and reviewed by The Wall Street Journal, that cyberthieves accessed records across numerous tables in its systems that included such data as…