Iain Thomson reports: Big-name websites leaked people’s private session keys and personal information into strangers’ browsers, due to a Cloudflare bug uncovered by Google security researchers. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare’s systems slipped random chunks of server memory into…
Category: Of Note
Florida man pleads guilty in attempted hacking of Clinton Foundation
Nate Raymond and Nathan Layne report: A Florida man pleaded guilty in a case stemming from an attempted hacking of the Clinton Foundation on Thursday, months after he was sentenced to 42 years in prison in the wake of child pornography discovered on his computers during the probe. Timothy Sedlak, 43, pleaded guilty in federal…
Police Have Arrested a Suspect in a Massive ‘Internet of Things’ Attack
Lorenzo Franceschi-Bicchierai reports: European police suspect a 29-year-old man of keeping one million people offline. They might have found the person behind the notorious hacker known as BestBuy. At the end of last year, hackers took over hundreds of thousands of home routers using a variant of the infamous Internet of Things malware known as Mirai. Then they rented out…
Will a Pending OCR Rule Impact Breach Class-Action Suits?
Marianne Kolbasuk McGee A pending federal regulation – called for under the HITECH Act – that would allow regulators to share with breach victims money collected in HIPAA violation cases eventually could have implications in class-action breach lawsuits, says privacy attorney Adam Greene. The Department of Health and Human Services’ Office for Civil Rights “is working on a new…
Vets lose privacy lawsuit against VA after unencrypted data is stolen from hospital
Patrick O’Neill reports: After multiple thefts and data breaches related to the unencrypted personal information of 7,400 U.S. veterans out of a Veterans Affairs hospital, an appeals court dismissed a lawsuit this month in which patients alleged violations of the Privacy Act and Administrative Procedure Act. The veterans claimed at least seventeen more data breaches have occurred at Wm….
The CoPilot Provider Support Services incident: The HIPAA issue
In the first part of a discussion of an incident reported by CoPilot Provider Support Services, this site reported claims by John Witkowski, a former employee, that CoPilot had not reported accurately on the incident. In this part, we focus on just one of CoPilot’s claims – that they are not a business associate under HIPAA….