Bianca Reyes has an update on the Eskenazi ransomware incident that this site has been reporting on since August: Roughly three months after Eskenazi Health released a statement announcing a cyber security breach that compromised personal data, some patients are just now receiving that news in the mail. According to this release posted last month, Eskenazi…
Category: U.S.
Data Breach Rule for Health Apps Leaves Developers in the Dark
Christopher Brown reports: Makers of health apps are scrambling to understand the extent of their legal liability after a divided Federal Trade Commission announced they’re now required to inform users about data and privacy breaches—and if they have used their customers’ health data without authorization. The commission approved 3-2 a policy statement that the makers of health…
More Accusations About a Canadian Hacker in the Wake of a Hoax Email from FBI Portal
The email in my inbox on Friday night had the subject line, “Hey sexy,” and appeared to come from “[email protected]” <[email protected]>. Under normal circumstances, I would have just sent it to trash, but the Twitter user known to me as “Pompompurin,” had alerted me to check my email for what he described as a funny…
Critical Infrastructure Protection: Education Should Take Additional Steps to Help Protect K-12 Schools from Cyber Threats
GAO-22-105024 Published: Oct 13, 2021. Publicly Released: Nov 12, 2021. Highlights from the government report: What GAO Found Federal guidance, such as the National Infrastructure Protection Plan (National Plan), specify the roles and responsibilities of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Education’s Office of Safe and Secure…
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported the incident to HHS as impacting 109,234 patients. As HHS subsequently summarized things: After the breach, the [Covered Entity] implemented additional administrative and technical safeguards and retrained its staff on the…
VA: Hundreds of parents, students, staff at risk of identity theft as personal records found tossed on floor at Old Pulaski Middle School
Kelsey Jean-Baptiste reports: Concerns about confidential records being found thrown on the ground of the Old Pulaski Middle School have many worried. Hundreds of students, teachers, and staff are now at risk of having their private information stolen. Pulaski School superintendent, Dr. Kevin Siers says the documents date back to the 1970s. In pictures given…