If you search this site for CareFirst, you’ll find a lot of coverage of a breach they had in 2014 that was discovered in 2015, and the ensuing litigation. Now Judy Greenwald reports the latest twist and turn on the litigation front: A federal appeals court has reinstated a putative class action lawsuit filed by…
Category: Of Note
Senators introduce bill to secure Internet of Things devices; provide some protection for researchers
Zack Whittaker reports: A bipartisan group of senators have introduced legislation aimed at securing internet-connected smart devices, which were at the center of a massive cyberattack that brought down large swathes of the internet last year. The distributed denial-of-service in October lasted for less than a day, but it further fueled concerns about threats posed by…
No one taking responsibility for exposed medical records at Forest Hill
Barb Ickes reports: More than six weeks have passed since notice was given: Children were breaking into a vacant nursing home in East Moline and stealing people’s medical records. Several city officials, including police and the mayor, were notified immediately. The Illinois Attorney General was contacted. Ditto for the Illinois Department of Public Health and…
It’s Sunday, so….
Have you ever seen a visualization of the world’s biggest data breaches? If not, you can see it here. Hovering over incidents will lead you to additional information on the incident, and you can also use a variety of filters. I love that site, especially because that wonderful tool relies on DataBreaches.net as a source…
Ransomware: Canadian company pays $425,000
Luke Irwin writes: A Canadian organization has reportedly paid criminals $425,000 in bitcoin after its systems were crippled in a ransomware attack. The claim comes from Daniel Tobok, CEO of forensic firm Cytelligence, which he says is helping with the investigation. Tobok, speaking to IT World Canada, didn’t name the affected company, but said unpatched…
Researcher: Metadata the ‘most potent weapon’ against critical infrastructure security
Brad D. Williams reports: Critical infrastructure operators have long faced the formidable security challenges of zero-day vulnerabilities and advanced persistent threats (APTs), both of which were employed in some of the most prominent cyberattacks in the sectors to date. But one researcher is warning leaders in government and industry of an old threat that, fueled…