DataBreaches.net has reported on a number of breaches in the healthcare sector this year that involved third parties, so I thought that I’d try to compile them to see how 2016 was shaping up. The resulting chronology, available in a new report co-authored with Protenus, Inc., includes more than 60 incidents involving business associates or vendors. Highlights of the…
Category: Of Note
New York State Proposes Cybersecurity Regulation for Financial Services Institutions
Micaela McMurrough, Ashden Fein and Catlin Meade write: On September 13, 2016, New York Governor Andrew Cuomo announced a proposed regulation that would require financial service institutions to develop and implement cybersecurity programs to prevent and mitigate cyber-attacks. The proposed regulation will be subject to a 45-day comment period once it is published in the New York State…
Lauri Love to be extradited to the US to face hacking charges, court rules (Update1)
I will have more on this case and ruling, but wanted to get the breaking news out. Jennifer Baker reports: Briton Lauri Love will be extradited to the US to face charges of hacking, Westminster Magistrates’ Court ruled on Friday. Love faces up to 99 years in prison in the US on charges of hacking as part…
Trump’s campaign mute about data security #fail?
It may not be on the level of failing to adequately secure State Department communications, but it seems Donald Trump’s organization could use a refresher course on data security. And when it finishes that, it might want to tackle a course on transparency. On Sunday night, DataBreaches.net received an email from MacKeeper Security Research Center lead researcher Chris Vickery….
A single ransomware network has pulled in $121 million
Maria Korolov reports: A single ransomware author and distributor was able to collect $121 million in ransomware payments during the first half of this year, netting $94 million after expenses, according to a report released today. […] Total ransomware increased by 128 percent during the first half of 2016 compared to the same period last year. There…
It’s 10 pm somewhere. Do you know where your old databases are?
An old database that seems to have magically reappeared online more than a decade after it was removed reminds us of an often-overlooked risk. In January, DataBreaches.net reported that a behavior intervention therapist’s database was exposed online due to a misconfigured MongoDB installation. What struck me about the incident was that the therapist likely had no idea that a company she had…