Mike Miliard reports: The U.S. Department of Health and Human Services is warning hospitals and health systems that a security vulnerability in picture archive communication systems, first discovered two years ago, is a problem that needs fixing now. WHY IT MATTERS In 2019, cyber researchers found a flaw in some PACS that, if exploited, could…
Russia ‘Cozy Bear’ Hackers Breached GOP as Ransomware Attack Hit
I could be wrong, but maybe Putin wasn’t being totally sincere when he indicated he would work with U.S. on dealing with hacking from Russia. William Turton and Jennifer Jacobs report: Russian government hackers breached the computer systems of the Republican National Committee last week, around the time a Russia-linked criminal group unleashed a massive ransomware attack,…
The Waikato DHB breach: What do NZ regulations consider reasonable security?
DataBreaches.net reports on breaches from many countries, including New Zealand. On my companion site, PogoWasRight.org, I’ve posted approximately 200 news stories about privacy incidents there, their privacy laws, and decisions by their privacy commissioner. And on this site, I’ve posted almost 200 more articles about breaches impacting New Zealand. But when the Waikato District Health…
PracticeFirst notifies patients and employees after ransomware incident
Yesterday, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about an incident that occurred last year. From their release: What Happened? On December 30, 2020, We learned that an unauthorized actor who attempted to deploy…
British Airways settles with 2018 data breach victims
Reuters reports: British Airways has settled a case brought by customers and staff affected by a massive 2018 data breach that led to personal information being leaked, the court-appointed lead solicitors in the case said on Tuesday. Law firm PGMBM said those affected by the data leak would receive a confidential settlement following mediation with…
Some Kaseya victims privately negotiating with REvil
While the headlines blare about REvil offering to decrypt all victims of the Kaseya attack if they are paid $70 million, some companies have apparently already taken to individual negotiations with the threat actors. Over on SuspectFile, Marco A. De Felice is careful not to name the victim, but describes one such set of negotiatons…