OCR has settled a complaint against a covered entity for violations that first occurred prior to November, 2013, but continued thereafter. Yes, 2013. That’s when Steven A. Porter, M.D., first reported a breach to OCR that involved his business associate Elevation43. According to the complaint Porter filed at the time, and as described by OCR,…
French Firms Rocked by Kasbah Hacker?
Brian Krebs reports: A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and…
UK: Tesco issues 600,000 new Clubcards after credential stuffing attack
Kalila Sangster reports: Tesco (TSCO.L) is issuing new cards to 600,000 Clubcard account holders after discovering a security breach. The supermarket said some customers may have fallen victim to online fraud after a database of stolen usernames and passwords from other platforms had been tried out on its website. The use of the stolen data…
NZ: Tuia 250 privacy breach: Tech boss signed off on government website with no testing
Craig McCulloch of RNZ reports: A top tech boss at the Ministry of Culture and Heritage (MCH) reviewed the Tuia 250 website’s security and declared it “fit for purpose” just two months before a major breach was uncovered, new correspondence shows. […] Correspondence obtained by RNZ under the Official Information Act shows the website –…
MO: Detectives investigate data breach at Jefferson County School District
KMOV reports: The Jefferson County Sheriff’s Office is trying to determine the full extent of a data breach at the Hillsboro R-3 School District, but believe there could end up being dozens of victims. “We applied for search warrants on Friday, executed some search warrants and we were able to take into our custody a…
Legal services giant Epiq Global offline after ransomware attack
Zack Whittaker reports: Legal services giant Epiq Global has been hit by a ransomware attack. The company, which provides legal counsel and administration that counts banks, credit giants, and governments as customers, confirmed the attack hit on February 29. Read more on TechCrunch. A source came forward to Zack with additional details and information about…