From the we-should-have-expected-this dept., Adam Winer reports: An IRS program that was supposed to help protect vulnerable taxpayers has been partially suspended, because it turns out the program wasn’t all that secure. An “IP pin code” program is supposed to add another layer of security to those filing tax return forms, but in March, the…
Category: Of Note
Hackers Seek Ransom From Two More California Hospitals
Chad Terhune reports: Hackers demanded a ransom from two more Southern California hospitals last week and federal authorities are investigating the case. Prime Healthcare Services Inc., a fast-growing national hospital chain, said the attackers infiltrated computer servers on Friday at two of its California hospitals, Chino Valley Medical Center in Chino and Desert Valley Hospital…
Three members of Syrian Electronic Army charged by feds
Three Syrian nationals, all current or former members of the Syrian Electronic Army (SEA), were charged with multiple conspiracies related to computer hacking, according to two criminal complaints unsealed today in the U.S. District Court of the Eastern District of Virginia. Ahmad Umar Agha, 22, known online as “The Pro,” and Firas Dardar, 27, known…
NY: Treasure trove of Grand Street Medical Associates patient data exposed and indexed
Grand Street Medical Associates is a multi-disciplinary practice in Kingston, New York. At some point, what appears to be a vast amount of their patients’ protected health information was left exposed on an unsecured FTP server. The leak was discovered by a security researcher, who notified GSMA and then contacted DataBreaches.net on March 12. According…
KY: Ransomware incident at Methodist Hospital in Henderson (update2)
On March 15, Jessica Gavin reported: A cyber security breach, striking Methodist Hospital in Henderson. We’re learning the FBI is investigating this right now, but there’s some good news. [….] David Park, COO of Methodist, tells 14 NEWS the hackers have copied patients records and locked those copies. They’ve deleted the originals. “We’ve notified the FBI,…
Featured Story: Henry Ford Healthcare System: creating a culture of privacy
Over the past decade of reporting on healthcare sector breaches, I can probably count on one hand the number of entities who have impressed me that they really “get” that responding to a privacy breach is not primarily about data or statutory notifications. It’s about addressing any distrust or anxiety patients may feel about you protecting their confidentiality, because…