Natasha Bertrand and Eric Wolff report: The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said. On Thursday, DOE…
Iranian nation-state hackers linked to Pay2Key ransomware
Sergiu Gatlan reports: Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil. “We estimate with medium to high confidence that Pay2Key is a new operation conducted by Fox Kitten, an Iranian APT group that began a new wave of attacks in…
Cyberattack hits Israeli companies, with Iran reportedly the likely culprit
Oops. I missed this one last week. Stuart Winer reports: A major cyberattack earlier this month hit dozens of Israeli logistics companies, with hackers making off with information from servers, according to a report of the incident by one of the victims filed Sunday to the Tel Aviv Stock Exchange. The attack hit Amital Data,…
NEXA Mortgage sued over broker’s alleged data theft
James Kleimann reports: In a lawsuit filed last week, a mortgage brokerage claimed that one of its former loan officers stole a database containing client names and information and brought it with him to a new job at NEXA Mortgage. Smart Mortgage, which operates in Illinois, Indiana, Colorado and Florida, filed suit against former senior loan…
MEDNAX Services notifies patients of data breach
Another business associate under HIPAA has disclosed a breach. You may not recognize their name, but they may handle your medical group’s billing or other functions, so if you get a letter from “MEDNAX,” don’t just assume it’s a scam. Florida-headquartered MEDNAX Services, Inc provides revenue cycle management and other administrative services to physician groups. …
OCR Releases Its 2016-2017 Audit Report on Health Care Industry Compliance with the HIPAA Rules
Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…