Lindsay Clark reports: Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a cyber-attack aimed at health software company Ortivus. In a statement, the Sweden-headquartered software vendor said it was subject to a cyber-attack on July 18 which hit UK customer systems within its hosted datacenter…
Category: Subcontractor
Norway says Ivanti zero-day was used to hack govt IT systems
Sergiu Gatlan reports: The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti’s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. The Norwegian Security and Service Organization (DSS) said on Monday that the cyberattack did not affect Norway’s Prime Minister’s Office, the…
Law Firm Hack Affects Victims of an Earlier Breach Again
Marianne Kolbasuk McGee reports: A global law firm is notifying nearly 153,000 individuals of a hacking incident that compromised several client files. The files contained sensitive personal information and affects vision care patients who had been victims of a breach three years ago. Orrick, Herrington & Sutcliffe on July 20 reported the data breach to…
CalPERS CEO gives update on data hack that exposed Social Security numbers, birth dates
Maya Miller reports an update by California Public Employee and Retirement System on the MOVEit breach by their vendor, PBI Research/Berwyn Group: In the Monday update, Frost said CalPERS has received nearly 4,000 calls about the breach at its own customer contact center. The average wait time is one minute, she said. Retirees can also…
Hillsborough notifies 70,000 of potential data breach in health, aging services
C. T. Bowen reports: Hillsborough County has notified more than 70,000 people that a global data breach may have put their personal information at risk. The breach involved the MOVEit file transfer tool, a third-party service that complies with federal Health Insurance Portability and Accountability Act (HIPAA) regulations. The breach also may have affected 106…
Another business associate attack results in theft of patient data — Panorama Eyecare
Panorama Eyecare in Colorado is a physician-owned firm providing business associate services to vision care providers: Earlier today, the firm was added to LockBit’s leak site with a claim that 798 GB of data had been exfiltrated from four of the firm’s clients: Eye Center of Northern Colorado Denver Eye Surgeons Cheyenne Eye Clinic &…