In December, 2018, Citrix forced a password reset for some of its clients due to what appeared to be a credential stuffing attack against ShareFile. But did some customers first find out about it March? On April 16, external counsel for LD Evans, CPA provided notification that began; On March 4, 2019, LD Evans learned…
Category: U.S.
New Malicious Medical DICOM Image Files Cause HIPAA Headache
Sergiu Gatlan reports: Malicious DICOM files can be crafted to contain both CT and MRI scan imaging data and potentially dangerous PE executables, a process which can be used by threat actors to hide malware inside seemingly harmless files. Cylera’s Markel Picado Ortiz achieved this by taking advantage of a DICOM format design flaw which…
UT: Ransomware attack hits Garfield County, shutting off its computer access for weeks
Ben Winslow reports: A ransomware attack hit Garfield County’s computer systems, crippling them for weeks before they were able to pay to get access to their own data, officials confirmed to FOX 13. “All of our data had been taken,” Garfield County Attorney Barry Huntington said of the recent data breach. Someone clicked on a…
WA: RS Medical notifies patients because an attacker potentially had access to their information
On April 7, RS Medical disclosed an incident that had the potential to compromise patient information. A copy of the notification from the Vancouver, Washington entity, obtained by DataBreaches.net, indicates that the attacker may not have been particularly interested in patient information, though: The primary purpose of the breach, as determined by internal investigation, was…
Microsoft: Hackers compromised support agent’s credentials to access customer email accounts
Ingrid Lunden and Zack Whittaker report: … Microsoft has confirmed to TechCrunch that a certain “limited” number of people who use web email services managed by Microsoft — which cover services like @msn.com and @hotmail.com — had their accounts compromised. “We addressed this scheme, which affected a limited subset of consumer accounts, by disabling the…
CA: Student council presidential election hacked by candidate
AP reports: The first online election for student government at Berkeley High School became a lesson in more than democracy. Students also learned about vote fraud, hacking and digital privacy after a high school junior who was running for class president cast hundreds of fake online votes for himself. As many as 2,400 students were…