A press release from US Fertility (“USF”) follows. The Center for Fertility and Gynecology in California is not listed among USF entities in the press release. I mention that because the Center for Fertility and Gynecology still has not posted anything on their site or issued any press release about a ransomware attack that NetWalker…
Sophos notifies customers of data exposure after database misconfiguration
Catalin Cimpanu reports: UK-based cyber-security vendor Sophos is currently notifying customers via email about a security breach the company suffered earlier this week. “On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support,” the company said in an email…
Happy Thanksgiving
2020 has been so brutal that it feels almost risky to wish people a Happy Thanksgiving because I know that there are families who have lost loved ones this year and other families who are heeding advice not to travel or to gather in the large get-togethers you might otherwise enjoy on this holiday….
Fairchild Medical Center server was exposing patient information for 4.5 years until a security firm alerted them
Ugh. Fairchild Medical Center had a misconfigured server exposing PHI from December 16, 2015 until they were alerted to the problem in late July by an unnamed security company who discovered the exposure. Here’s their press release, below. Note that this does not (yet) appear on HHS’s breach tool. YREKA, Calif., Nov. 25, 2020 /PRNewswire/ — In…
PA: Part of Delaware County Computer System Down After Attacked By Hackers
Chad Pradelli and Cheryl Mettendorf report: Cybercriminals have attacked the Delaware County, Pennsylvania government network and taken it hostage. The criminals are demanding $500,000 to free it up. Sources told Action News, the cybercriminals gained control of the network on Saturday encrypting files, including police reports, payroll, purchasing, and other databases. Prosecution evidence, however, has…
UK: Concern as personal data of 284 diabetic patients breached at NHS Highland
Chris MacLennan reports: A data breach at NHS Highland has led to the personal information of 284 patients with diabetes being shared with more than 30 people. The error, which occurred on Tuesday November 17, led to the names, dates of births, contact information and hospital identification numbers of the patients being revealed. Read more…