As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to whether the firm had been an Accellion client. They had. Qualys issued a statement later yesterday. It said, in part: Qualys has confirmed that there is no impact on the Qualys production environments, codebase or…
Category: Subcontractor
AllyAlign notifies 76,348 members and providers of ransomware attack
AllyAlign Health (AAH), a Medicare Advantage special needs plan administrator, recently notified 76,348 members and providers of an attempted ransomware attack. But how successful were the threat actors? And what could the Virginia firm figure out and what couldn’t they figure out based on their investigation? According to AAH’s notification letter, the attack occurred on…
Security breach prompts lockdown of some Manitoba student databases
Josh Crabb reports: Electronic databases that contain personal information about some Manitoba students have been temporarily shut down following a security breach. The Maplewood system is run by an Ontario company and is used by 14 school divisions in Manitoba. There’s no evidence any data or personal information was compromised but some parents still have…
In a year of supply-chain attacks, do you have your business associate agreements in place?
I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…
Your personal data may have been compromised, Malaysia Airlines tells its frequent flyer members
Shahrin Aizat Noorshahrizam reports: National carrier Malaysia Airlines informed members of its frequent flyer programme Enrich that there had been a “data security incident” at one of its third-party IT service providers. According to the airlines, the incident happened between a nine-year-period from March 2010 to June 2019. Read more on Malay Mail. The airline’s…
Israeli company engaged by Jamaica targeted by cyber crooks
Livern Barrett reports: The Jamaican Government, after months of silence, has disclosed that it has signed a five-year J$4-billion contract with the Israeli firm ELTA Systems Limited, but has sought to assure Jamaicans that they have nothing to fear. The disclosure and simultaneous assurance comes two months after a report by a technology website based…