There’s an update to a case announced in November 2022 in which five former Methodist Hospital employees in Memphis Tennessee were charged with criminal violations of HIPAA. According to the indictment, between November 2017 and December 2020, the five were charged with conspiring with Roderick Harvey to unlawfully disclose patient information in violation HIPAA. Harvey…
Category: Of Note
Switch hacker Gary Bowser released from jail, will pay Nintendo 25-30% income ‘for the rest of his life’
Chris Scullion writes: Gary Bowser, the hacking group member who was convicted for creating and selling circumvention devices enabling users to play illegal backups on Switch and 3DS, has been released from prison early. Bowser was sentenced in February 2022 to 40 months in prison for his part as a member of a hacking group called Team-Xecuter, which in…
3CX Breach Was a Double Supply Chain Compromise
Brian Krebs reports: In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries,…
Russian hackers exfiltrated data from from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…
Mullvad VPN was subject to a search warrant, says customer data not compromised.
Mullvad reports on their blog: On April 18 at least six police officers from the National Operations Department (NOA) of the Swedish Police visited the Mullvad VPN office in Gothenburg with a search warrant. They intended to seize computers with customer data. In line with our policies such customer data did not exist. We argued they had…
HHS Cybersecurity Task Force Provides New Resources to Help Address Rising Threat of Cyberattacks in Health and Public Health Sector
On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release of the following resources to help address cybersecurity concerns in the Healthcare and Public Health (HPH) Sector: Knowledge on Demand – a new online educational platform that offers free cybersecurity trainings for health and public health organizations to…