I’ve reported on the Timothy Lance Lai/Corona Del Mar grade-changing case a number of times in the past few years. Now Megan Geuss reports: On Tuesday, Southern California tutor Timothy Lance Lai pleaded guilty to computer fraud and burglary for placing keylogging software on teachers’ computers to steal login credentials which he used to change…
Category: Other
43 million South Koreans had their medical information leaked
Over the weekend on PogoWasRight.org, I linked to an editorial from The Korea Herald about the sale of medical information of 43 million people (nearly 90% of the Korean population). The editorial began: A company specializing in developing medical fees settlement programs used by hospitals and the Korea Pharmaceutical Information Center — which distributed free pharmacy…
Abandoned autopsy lab in Tobolsk, Siberia still has medical records, human remains
This is a somewhat bizarre – and disturbing – breach involving medical records and human remains. Police have launched an investigation after an abandoned autopsy laboratory containing mummified baby remains was discovered in a park. The gruesome facility in Tobolsk, which may have been used as recently three years ago, was stumbled across by a…
Server compromised due to social engineering against ISP NFOrce
Seen on Twitter: Server compromised due to social engineering against ISP NFOrce. There will be extended downtime for forensic analysis and reinstall. — BitcoinTalk (@bitcointalk) May 22, 2015 And over on redddit, theymos writes: The forum’s ISP NFOrce managed to get tricked into giving an attacker access to the server. I think that the attacker…
New Wayland treasurer named after attempted computer breach
I don’t remember seeing this one before. Michael Wyner reports that Wayland, Massachusetts had a near-miss on having $4 million in town funds stolen by cybercriminals: Wayland Police began investigating the security breach on Jan. 30, and found that malware on one of the town’s computers was used to gain bank account information and codes. In…
Dentrix vulnerability still poses risk to patient data: researcher
In early 2014, and over on PHIprivacy.net, I published some posts expressing concern about a vulnerability in Dentrix software, Dentrix’s claims at the time that its G5 product incorporated “encryption,” and their subsequent decision that the firm would not individually notify all customers that what the customers had been sold as “encryption” was not encryption. Following up on the public posts,…