Scott Ferguson reports: In January, hackers compromised portions of the New York state government’s computer network by taking advantage of an unpatched vulnerability in Citrix enterprise software, according to the Wall Street Journal. While the New York State Office of Information Technology Services discovered the hacking incident on Jan. 28, officials did not disclose the breach…
Category: U.S.
Account details for 4 million Quidd users shared on hacking forum
Catalin Cimpanu reports: Quidd, an online marketplace for trading stickers, cards, toys, and other collectibles, appears to have suffered a data breach in 2019, and the details of around four million users are now being shared for free on underground hacking forums. The data, of which ZDNet has obtained samples from three different sources, contains Quidd usernames,…
MD: Doctors Community Medical Center notifies patients after phishing incident put patient info at risk
Doctors Community Medical Center in Maryland is notifying an unreported number of patients whose protected health information was potentially compromised by a phishing incident. In January, the center noticed unusual network activity in its payroll system. Their investigation revealed that a number of employees had fallen for a phishing attack and that the attacker(s) had…
Saint Francis Ministries Will Be Notifying Patients of Breach
Saint Francis Ministries issued a press release on Friday. It states, in relevant part: On December 19, 2019, Saint Francis became aware of suspicious activity relating to one of its employee’s email accounts. Saint Francis took steps to secure the email account and began working with outside computer forensics specialists to determine the nature and scope of the activity. On February…
Personal Touch and Crossroads Technologies sued after Maze Team attack
As reported by TopClassActions: A former patient says that home health provider Personal Touch failed to protect patients and customers from a ransomware attack on their computerized records. The hospital ransomware class action lawsuit was filed by plaintiff Lugenia Booker, who says that her personal information was included in the computer records of Personal Touch Holding…
A business associate’s response to a breach raises questions of timeliness
I know we’re in the middle of a pandemic, but an incident involving Avalon Health Care Management occurred before all that. And once again, I find myself scratching my head over the timeline in a notification and how Health & Human Services/Office for Civil Rights will view the timeline in terms of compliance with the…