Andrew Taylor of AP reports: The IRS says the number of taxpayers whose tax information may have been stolen by computer hackers now exceeds 700,000 — more than double the agency’s previous estimate. The tax collecting agency says 390,000 more taxpayer accounts may have compromised than the 334,000 it warned about a year and a…
Category: Of Note
uKnowKids updates its breach report and answers a question I posed
There’s an update to uKnowKids’ breach disclosure, here. They assert that their analysis shows only one IP address – presumably researcher Chris Vickery’s – downloaded any data from their misconfigured database. They do not name the provider responsible for security the database. According to their statement, the misconfigured instance of the database occurred on December…
Addressing Gaps in Cybersecurity: OCR Releases Crosswalk Between HIPAA Security Rule and NIST Cybersecurity Framework
The sensitive health information maintained by health care providers and health plans has become an increasingly attractive target for cyberattacks. The need for health care organizations to up their game on health data security has never been greater. To help health care organizations covered by the Health Insurance Portability and Accountability Act (HIPAA) to bolster…
Patient monitors altered, drug dispensary popped in colossal hospital hack
Scary stuff. Darren Pauli reports: Security researchers have exploited notoriously porous hospital networks to gain access to, and tamper with, critical medical equipment in attacks they say could put lives in danger. In tests, hospital hackers from the Independent Security Evaluators research team popped patient monitors, making them display false readings which could result in…
Individual Convicted of an Offence under the Health Information Act
A woman was recently convicted of knowingly accessing health information of seven people in contravention of the Health Information Act (HIA). On Feb. 5, Denise Tourneur pleaded guilty to illegitimately accessing the health information of seven individuals on 44 separate occasions at the Kaye Edmonton Clinic where she worked. The situation stemmed from a breach discovered by…
ASUS Settles FTC Charges That Insecure Home Routers and “Cloud” Services Put Consumers’ Privacy At Risk
Taiwan-based computer hardware maker ASUSTeK Computer, Inc. has agreed to settle Federal Trade Commission charges that critical security flaws in its routers put the home networks of hundreds of thousands of consumers at risk. The administrative complaint also charges that the routers’ insecure “cloud” services led to the compromise of thousands of consumers’ connected storage devices, exposing…