Catalin Cimpanu reports: Two malware families battling for turf are most likely the cause of an outage suffered by Californian ISP Sierra Tel at the beginning of the month. This outage took place on April 10, 2017, when Sierra Tel customers started complaining about losing Internet and telephone connectivity. While initially there were unconfirmed rumors…
Category: Of Note
Longest sentence ever handed out for hacking: Roman Seleznev Sentenced to 27 Years
There was big news in the world of hacking prosecutions yesterday. The DOJ announced that Roman Seleznev was sentenced to 27 years in prison for computer hacking crimes that reportedly caused more than $169 million in damage to small businesses and financial institutions. Prosecutors had sought a 30-year sentence to send a strong message, and the sentence appears…
No Business Associate Agreement? $31K Mistake
From HHS: The Center for Children’s Digestive Health (CCDH) has paid the U.S. Department of Health and Human Services (HHS) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a corrective action plan. CCDH is a small, for-profit health care provider with…
BakerHostetler 2017 Data Security Incident Response Report Based on 450 Incidents
I don’t post links to most reports with data breach analyses because some are so flawed that they just perpetuate errors some of us have tried to correct. But BakerHostetler handles a lot of breach incidents for their clients, and they’ve issued a report based on 450 incidents they’ve handled. Some of their findings seem quite…
Texas man charged with cyberstalking FBI agent detained without bail
Good Friday turned out not to be a good day for Justin Shafer. The 37 year-old dental IT technician had been arrested on March 31 and charged with cyberstalking an FBI agent and the agent’s family under 18 U.S. Code § 2261A(2)(B). On April 14, he was taken back into custody, this time for violating release conditions. Shafer’s…
Metro Community Provider Network settles HHS breach charges for $400,000 and corrective action plan
HHS announced another settlement today. This one stemmed from a 2011 incident that was previously covered on this site. Once again, the take-home message is that you need to do a risk assessment, and you need a risk management plan commensurate with your risk assessment. In this case, there was no prior risk assessment, and…