A recent executive order is taking federal cybersecurity requirements a few step backwards. Is there anything positive about it? Dan Goodin reports: Cybersecurity practitioners are voicing concerns over a recent executive order issued by the White House that guts requirements for: securing software the government uses, punishing people who compromise sensitive networks, preparing new encryption…
Episource notifying 5.4 million patients of cyberattack in January
Episource, LLC, is a business associate that provides healthcare technology and solutions, specializing in medical coding, risk adjustment, and data analytics for health plans and providers. On February 6, anomalous activity in their system alerted Episource to a potential attack. In response, they shut down computer systems, initiated an investigation, called in a special team,…
Investigation of 2024 Helsinki data breach – Report
There’s a follow-up to the Helsinki incident affecting hundreds of thousands of children and adults in 2024. The government has finished its investigation and published its findings and recommendations. From their press release: The City of Helsinki’s Education Division (KASKO) was targeted by a serious data breach in spring 2024. As a consequence of the…
Major trial underway for data leak that left 72,000 victims in France
The Connexion reports: A large-scale trial is opening in Lyon this week after the discovery of a major data leak at a French work agency Adecco that left 72,000 victims in one of the most serious data-related frauds ever uncovered in France. 16 people are in the dock at the Lyon correctional court facing 22…
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
Maristel Policarpio, Sarah Pearl Camiling, and Sophia Nilette Robles write: A new ransomware-as-a-service (RaaS) group has emerged and has been making a name for itself in 2025. Anubis is a recently identified group that sets itself apart by partnering encryption with more destructive capabilities—wiping directories which severely impact chances of file recovery. Given its brief history and…
HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit
Daniel Lopez reports: HealthEC LCC and its clients finally reached a settlement to resolve a class action data breach lawsuit involving a hacking incident and data breach in 2023. Analytics software vendor HealthEC, based in New Jersey, provides healthcare companies with a platform to determine high-risk patients and limitations to optimal healthcare. From July 14, 2023…