The Department of Justice announced a stunning arrest today of key players in one of the most damaging threat actors in the last decade. Kudos to all involved in their arrests. You can read the DOJ’s full press release below, but let’s start with a quote from a FIN7 hunter: “FIN7 is the most prolific and…
Search Results for: HSE
Protenus Mid-Year Breach Barometer report on health data breaches is out
Protenus, in collaboration with DataBreaches.net, has released its Breach Barometer Mid-Year Review of breaches involving health data. You can access their free report here (pdf). Heather Landi of Healthcare Informatics also has a good write-up of the webinar we held this week to discuss the report. I’ll have more to say on the report –…
HospitalGown Database Leak: Enterprise Apps Found Leaking Data On Back End Servers
AJ Dellinger reports: Mobile apps for enterprise services that manage data are leaving massive troves of user information exposed and unprotected on backend servers, according to a group of security researchers. Experts at Appthority, a mobile security firm, published a report that showed 43 terabytes of data from enterprise apps left exposed. The information was…
Tullamore Hospital patient’s information sent to wrong person after data blunder
If you’re going to misdirect a fax containing patient info, at least try not to misdirect it to the data protection commissioner’s fax number! Justin Kelly reports: A data breach at Tullamore Hospital is among 212 cases revealed today, the Irish Independent have reported. 212 data protection breaches, where patient’s private information was misused or mishandled,…
FBI: $2.3 Billion Lost to CEO Email Scams
While I keep updating my leetle list of entities disclosing their employees’ W-2 data has been phished, Brian Krebs reports that the FBI has issued an alert: The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss…
FTC Says Listen Up When Vulnerability Reports Come In
James Denvil and Paul Otto of Hogan Lovells write: The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS…