Phil Muncaster reports: A healthcare technology company leaked 12 million records on patients including highly sensitive diagnoses, before the exposed cloud server was struck by the infamous “meow” attacker, researchers have revealed. A team at SafetyDetectives led by Anurag Sen discovered the leaky Elasticsearch server in late October after a routine IP address scan, although…
OCR Settles Thirteenth Investigation in HIPAA Right of Access Initiative
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announces its thirteenth settlement of an enforcement action in its HIPAA Right of Access Initiative. OCR announced this initiative as an enforcement priority in 2019 to support individuals’ right to timely access their health records at a reasonable cost…
Update: Ransomware downed UVM Medical Center systems, but no payment made
Katie Jickling reports: University of Vermont Medical Center’s IT chief revealed Tuesday that it was a ransomware attack that downed the hospital’s online systems in October. Jickling’s article provides a helpful update from what happened to how things are going with restoration. The hit was obviously a serious one, as information on 1,300 servers was encrypted, and the…
UK: Pensions firm NOW tells some customers a ‘service partner’ leaked their data all over ‘public software forum’
Matthew Hughes reports: Workplace pension provider NOW: Pensions has emailed a number of UK customers to warn about a data leakage caused by contractor error. The email, seen by this publication, claims a service provider “unintentionally” posted user data to an unnamed “public software forum”. These records include biographical data (names, email addresses, and dates…
KY: Jefferson County PVA office hit by ransomware attack
Chris Otts reports: The Jefferson County Property Valuation Administrator‘s office has been hit by a ransomware attack, in which hackers are holding the agency’s data hostage for payment, PVA Colleen Younger said in an interview Monday. Younger told WDRB that the agency learned of the attack on Wednesday and had closed its office — where…
De: Funke Media Group victim of cyberattack; widespread impact
NRZ reports (translation): The FUNKE media group, to which this website belongs, was the victim of a hacker attack on Tuesday. Numerous computer systems throughout Germany were affected – including our editorial offices and printing houses. The newspapers of the FUNKE media group can unfortunately only appear with an emergency issue on Wednesday. To ensure that all…