I was working today on adding details to spreadsheets that I use in calculating the gap between breach and discovery, and between discovery and notification. One of the incidents I was looking into today involved a report from Lafayette Regional Rehabilitation Hospital in Indiana. On November 25, they learned that in July, 2019 someone had…
A business associate’s response to a breach raises questions of timeliness
I know we’re in the middle of a pandemic, but an incident involving Avalon Health Care Management occurred before all that. And once again, I find myself scratching my head over the timeline in a notification and how Health & Human Services/Office for Civil Rights will view the timeline in terms of compliance with the…
San Francisco Intl Airport discloses data breach after hack
Sergiu Gatlan reports: San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020. According to a notice of data breach sent to all SFO Airport commission employees via an internal memo, the attackers may have gained access to the login credentials of users registered on the two…
BlackBerry Says Govt Hackers Stole World’s Sensitive Data For 10 Years
Sarthak Dogra reports: BlackBerry Ltd. has come up with a sensational report that indicates that Chinese state sponsored hackers have been stealing data from computers across the globe for almost around a decade. A major reason for this unnoticed attack is its target, Linux operating systems. Blackberry makes the claim in a new 44-page long report. It claims…
U.S. SEC settles with two traders over 2016 EDGAR filing system hack
Reuters reports: The U.S. securities regulator on Thursday said it had settled with two traders who allegedly made money trading on material nonpublic information stolen through a hack into the agency’s EDGAR electronic filing system. The traders were among several defendants charged by the agency last year for a 2016 hack that the Securities and…
Suspecting Cyber Attack, Mediterranean Shipping Company Reports Network Outage – Update
Mike Schuler reports: Mediterranean Shipping Company says it has experienced a network outage and it cannot rule out the possibility of a cyber attack, the company said Friday. The outage began in one of MSC’s data centers in Geneva, Switzerland and the company shut down its servers in response. In an update late Friday, the…