Brett Kelman reports: Federal and state prosecutors have asked a judge to halt the destruction of thousands of medical records abandoned by PainMD, a Nashville-area pain clinic company that shut down earlier this year in the midst of a fraud investigation. The medical records, which could be evidence against PainMD or important to former patients, are currently stuck…
Category: Other
Western Connecticut Health Network notifying patients that their medical records were in a box that broken open during mailing
Rich Kirby reports: Nuvance Health, which operates the Western Connecticut Health Network, is warning patients that some of their medical records may have been compromised. On Monday, Nuvance released a statement that read in part: “On June 21, 2019, WCHN learned that a box containing medical records that it had sent via the United States…
Ransomware crooks hit Synology NAS devices with brute-force password attacks
Liam Tung reports: Taiwan-headquartered storage vendor Synology is warning users to strengthen the passwords to their network attached storage (NAS) after several devices — capable of storing terabytes of data — were encrypted by ransomware. NAS units used by home and small-business users are a juicy target for ransomware attackers, who know they’re packed with…
Hackers breach 62 US colleges by exploiting ERP vulnerability
Catalin Cimpanu reports: Hackers have breached the systems of 62 colleges and universities by exploiting a vulnerability in an enterprise resource planning (ERP) web app, the US Department of Education said in a security alert sent out this week. The vulnerability is in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP that…
Google Data Breach Faces Review by Irish Privacy Watchdog
Stephanie Bodoni reports: Google faces a possible investigation by Irish data privacy regulators related to reports that contractors had been able to listen to audio of users of its digital assistant technology. The Irish Data Protection Commission received a breach notification from the company late Thursday, said Graham Doyle, the agency’s spokesman. Google reacted in…
WeTransfer Security Incident Sent Files to the Wrong People
Lawrence Abrams reports: In an embarrassing security incident, the WeTransfer file sharing service announced that for two days it was sending it’s users shared files to the wrong people. As this service is used to transfer what are considered private, and potentially sensitive files, this could be a big privacy issue for affected users. Starting…