Sean Gallagher reports: An internal White House memo published today by Axios reveals that recent changes to the information operations and security organizations there have left the security team in tumult, with many members headed for the door. And the chief of the White House’s computer network defense branch—who wrote the memo after submitting his…
Category: U.S.
OCR Imposes a $2.15 Million Civil Money Penalty against Jackson Health System
Note: coverage of the breaches referenced below can be found on this stie by searching it for “Jackson Health System.” The following is a press release from the U.S. Department of Health Office for Civil RIghts: The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has imposed a civil…
Ransomware Hits B2B Payments Firm Billtrust
Brian Krebs reports: Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups. With more than 550 employees, Lawrence Township, N.J.-based Billtrust is a cloud-based service that lets customers view invoices, pay, or…
Phishing Incident at Kalispell Regional Healthcare May Have Affected 129,000 Patients
Myers Reece reports: Beginning today, Kalispell Regional Healthcare is mailing out letters to nearly 130,000 patients whose personal information may have been involved in a data breach over the summer. Patients’ personal information may have included their name, address, medical record number, date of birth, telephone number, email address, medical history and treatment information, date…
Another Civil Case Launched Against AT&T for Allegedly Failing to Prevent Crypto Theft
Cali Haan reports: A plaintiff called Seth Shapiro is suing telco giant AT&T for its role in allegedly allowing hackers to access his cellphone on four occasions and enable the theft of $1.8 million USD in cryptocurrencies from his crypto exchange accounts. SIM-swapping is a type of hack in which cybercriminals arrange with a telco employee to…
Equifax used ‘admin’ as username and password for sensitive data: lawsuit
Ethan Wolff-Mann reports: Equifax used the word “admin” as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia. The lawsuit, filed in January, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail. Read more…