Eaglesoft software by Patterson Dental is a popular patient management system. But just as one security researcher had concerns about patient data security in Henry Schein’s Dentrix G5 software, he’s also had concerns about Eaglesoft, albeit for different reasons. He contacted this site on February 6 and notified CERT of his concern: Eaglesoft does seem to…
Category: Subcontractor
Misconfigured MongoDB installation left Microsoft careers site vulnerable to attack
Chris Vickery writes: An exposed database was serving potentially arbitrary HTML through the mobile version of Microsoft’s careers page (m.careersatmicrosoft.com). Punchkick Interactive is a mobile web development company. Microsoft relies on Punchkick to handle the database that powers m.careersatmicrosoft.com. The bad news is that, for at least the past few weeks, this backend database has…
NOT SO SECURUS: PART 2 Lawyers Speak Out About Massive Hack of Prisoners’ Phone Records
The Intercept follows up on its earlier report in which a hack of Securus revealed that 70 million phone calls had been recorded – many involving what should be privileged communications between attorneys and their clients. Jordan Smith and Micah Lee report: The Intercept’s analysis, to the contrary, estimated that the hacked data included at least…
Gyft Notifies Affected Users of Security Incident
Back in December, Brian Krebs reported: Digital gift card retailer Gyft has forced a password reset for some of its users. The move comes in response to the theft of usernames and passwords from a subset of Gyft customers. Mountain View, Calif. based Gyft lets customers buy and use gift cards entirely from their mobile…
TalkTalk call centre staff manacled over security breach
Kelly Fiveash reports: TalkTalk has turned three workers—based at a call centre provider in India—over to the police, as part of its ongoing investigation into the budget ISP’s security practices, following a major hack on its systems last year. The company added that—in light of the arrests—it was considering ending its partnership with the call centre Wipro,…
NCH Healthcare employee data potentially compromised (UPDATED)
ABC7 has confirmed that data on two of NCH Healthcare System‘s computers may have been breached at the Cerner Data Center in Kansas City, Missouri. The information contained on the computer servers includes a medical staff credentialing database and employee information – no patient data was compromised. Read more on ABC7. NCH operates two hospitals: NCH Baker Hospital…