Protenus’s 2020 BreachBarometer is now available for free downloading. From their highlights: Our analysis is based on 572 health data breaches reported to the U.S. Department of Health and Human Services (HHS), the media, or some other source during 2019 (Figure 1). As in years past, we do not have numbers for every incident in…
Category: U.S.
FL: NCH Healthcare (finally) sends breach notification letters for June, 2019 breach
In August, 2019, this site reported on an incident at NCH Healthcare in Florida. At the time, it was not clear whether patient data was impacted in the phishing incident. The entity had become aware of suspicious activity on June 14, but by mid-August, there was no report on HHS’s public breach or detailed disclosure….
NY: East House Provides Notice Of Data Privacy Event
East House is a private, nonprofit agency in Rochester, New York that serves individuals with persistent mental illness and/or substance use disorder. Yesterday, they issued a press release about a breach: ROCHESTER, N.Y., Feb. 17, 2020 /PRNewswire/ — Although unaware of any actual or attempted misuse, East House is providing notice of a data privacy event impacting the…
Data breach at Monroe County Hospital & Clinics results in notification to 7,500 patients
Tyler J. Davis reports: More than 7,000 patients of a south-central Iowa medical system have been notified that their personal information may have been leaked in a data breach. Monroe County Hospital & Clinics said in a news release Monday that approximately 7,500 people were notified that the breach may have led to unauthorized access…
Cop’s Strip Club Dancer Plate Search May Test Scope of Hack Law
Sara Merken reports: The U.S. Supreme Court may decide if someone who improperly uses their authorized computer access, such as a cop looking up a strip club dancer’s license plate as a favor, can be liable under a federal anti-hacking law. A December petition seeks the high court review because appeals courts are split on…
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
Catalin Cimpanu reports: 2019 will be remembered as the year when major security bugs were disclosed in a large number of enterprise VPN servers, such as those sold by Pulse Secure, Palo Alto Networks, Fortinet, and Citrix. Read more on ZDNet.