First it was a hospital serving up ransomware to web site visitors. Now the website of the EC-Council, who are responsible for the Ethical Hacker certification, is reportedly serving up the Angler exploit kit to infect PCs. And as we heard with the Norfolk General Hospital, it seems to be difficult to notify them and get a response from the…
Category: U.S.
NY: Focused Technologies Imaging Services to pay more than $3 million for illegal and covert outsourcing of 16 million fingerprint cards to India for data entry
New York State Inspector General Catherine Leahy Scott and Attorney General Eric T. Schneiderman today announced that an Albany-area tech company and its principals will pay more than $3 million in fines for violating State contract security protocols by outsourcing millions of fingerprint records containing sensitive personal information to a company in India for data…
Crooks Steal, Sell Verizon Enterprise Customer Data
Brian Krebs reports: Verizon Enterprise Solutions, a B2B unit of the telecommunications giant that gets called in to help Fortune 500’s respond to some of the world’s largest data breaches, is reeling from its own data breach involving the theft and resale of customer data, KrebsOnSecurity has learned. Earlier this week, a prominent member of a…
Elliot J. Martin Chiropractic notification to patients of HIPAA breach
Ah. I was waiting for an explanation of an entry in HHS’s breach tool about a Long Island chiropractic practice incident that impacted 1,200 patients. Here it is, below. I’m pleased to see that the doctor is now removing some identity information from the system. I wish more practices would do that. This Notice of Potential Breach of Personal…
Jury Awards Calif. Mortgage Co. $25M For Rival’s Data Theft
There’s a follow-up to an insider theft case previously noted on this site. Y. Peter Kang reports: A California state jury on Tuesday awarded $25.1 million in damages to Mount Olympus Mortgage Co., finding rival mortgage lender Guaranteed Rate Inc. liable for illegally transferring hundreds of private consumer loan files from MOMCo’s computer systems, according…
IRS suspends new security feature for lack of security
From the we-should-have-expected-this dept., Adam Winer reports: An IRS program that was supposed to help protect vulnerable taxpayers has been partially suspended, because it turns out the program wasn’t all that secure. An “IP pin code” program is supposed to add another layer of security to those filing tax return forms, but in March, the…