September 13, 2016 – 10:10 p.m. EDT Dear EurekAlert! Registrants: The EurekAlert! website has been taken offline as AAAS works diligently to address a serious security breach. We are taking this step out of an abundance of caution. The integrity of content on our website is of the utmost concern to us. On September 11,…
Category: U.S.
Laptop stolen from U.S. Healthwork was encrypted, but alas, the password was with it
U.S. Healthwork has notified HHS and 1400 patients after a laptop with protected health information was stolen from an employee. Although the laptop was encrypted, the password was stolen with the laptop. Notice to our Patients Regarding a Privacy Incident U.S. HealthWorks understands the importance of protecting the security of personal information of our patients….
NJ: Maplewood tax firm hacked; data held for ransom
Having spent years interviewing hackers who described themselves as hacktivists or as hacking for the lulz, talking to hackers who engage in criminal hacking as a source of income has been…. educating, to say the least. But it’s also been a reminder that too many businesses really have no clue what they’re doing – not only in…
OR: Portland financial firms warns 20,000 clients after laptop stolen from employee’s car
Matthew Kish reports: One of Oregon’s largest financial firms has warned clients of a possible data breach. Portland-based M Holdings Securities Inc., a subsidiary of M Financial Holdings Inc., has informed California’s attorney general of a stolen laptop with client information, including social security numbers. The theft occurred July 29 in Salem. […] O’Connor said the laptop…
Law Firms Are “One-Stop Shopping” for Hackers, as Hickey Law Firm Found Out
Randy Evans and Shari Klevens write: This year has shown that law firms are not immune from infiltration by international hackers. This spring, a Russian hacker targeted 48 top law firms, seeking to obtain confidential insider information regarding mergers and acquisitions that would be very valuable and could impact global markets. […] These are not…
It’s 10 pm somewhere. Do you know where your old databases are?
An old database that seems to have magically reappeared online more than a decade after it was removed reminds us of an often-overlooked risk. In January, DataBreaches.net reported that a behavior intervention therapist’s database was exposed online due to a misconfigured MongoDB installation. What struck me about the incident was that the therapist likely had no idea that a company she had…