Jane Edwards reports: A draft of an executive order would direct software companies to inform federal agency clients in the event of a cyber attack within their organizations, keep more digital records and work with the Cybersecurity and Infrastructure Security Agency and the FBI on incident response efforts, Reuters reported Friday. The order would require multifactor authentication…
Category: Subcontractor
NC: Lexington Medical Center discloses vendor’s patient records data breach
Richard Craver reports: Lexington Medical Center said Friday that some patients have been affected by a data breach into the information technology platform of former third-party vendor Healthgrades Operating Co. Inc. The hospital said affected patients are being mailed notices by Healthgrades about the security incident. Healthgrades had assisted the hospital with patient and community…
Public Notice: State Auditor’s Office efforts regarding Accellion data security
Public Notice: State Auditor’s Office efforts regarding Accellion data security breach As reported, a security breach at Accellion, a third-party file transfer service impacted the Washington State Auditor’s Office (SAO) in late December 2020. SAO first learned about the breach in mid-January 2021. Since that time, SAO has taken steps to identify the data files…
County auditor states CIC software for timeclock has been down since last Tuesday
Danielle Linton-Hatfield reports: During a regular Saline County Commission meeting held on Thursday, March 25, Auditor Karlin Breshears explained the CIC software server for the Saline County Courthouse has been down since last Tuesday, March 16. […] Northern Commissioner Stephanie Gooden estimated there are 11-15 counties CIC provides services to. “They have municipalities and school…
Solairus Aviation Notice Regarding Avianis Data Security Incident
PETALUMA, Calif., March 23, 2021 /PRNewswire/ — Today, Solairus Aviation, a US-based aviation services company whose core business is assisting owners with the safe, reliable, and economical operation of their aircraft, announced that it identified and addressed a data security incident related to one of its third-party vendors. On December 23, 2020, Solairus was notified by a third-party vendor,…
Threat actors leak files with protected health information from U. Miami
In December and January, threat actors successfully exploited multiple vulnerabilities in an older file transfer system by Accellion. A number of Accellion’s clients subsequently found themselves on the receiving end of extortion demands to either pay the threat actors, or have their data dumped publicly. A number of firms apparently refused to pay, and their…