In an intriguing follow-up to a case I reported in April concerning a hack-extortion incident involving TheDarkOverlord, Janko Roettgers reports that Larson Studios actually paid TheDarkOverlord’s 50 BTC demand. That alone would be surprising and newsworthy (there had been no payments made to the BTC wallet address given in the extortion contract), but Roettgers also…
Search Results for: HCA
The messy, messy month of May
Compiling data for Protenus, Inc.’s breach barometer should be relatively routine and straight-forward. In May, however, it wasn’t. Here’s a rundown on the factors that complicated our analyses: Investigating patient data put up for sale on the dark web. Determining whether the breaches were legitimate or fake turned out to be headache-inducing, as the following scenarios…
NYS settles with CoPilot Provider Services over delayed breach notification to 220,000 patients
There’s a follow-up to an incident reported by DataBreaches.net in January and February involving CoPilot Provider Services. As I had reported in January, CoPilot took more than one year to notify individuals of a breach involving their web site, and would not answer any questions as to why it took so long. As I subsequently…
HHS is considering changes to OCR’s ‘wall of shame’—and experts are divided on the impact
Evan Sweeney reports: The Department of Health and Human Services is exploring potential changes to the agency’s “wall of shame,” a legislatively mandated website that tracks healthcare data breaches dating back to 2009. During a hearing addressing cybersecurity concerns in healthcare last week, Leo Scanlon, deputy chief information security officer at HHS, told Rep. Michael…
Fast Health in Tehachapi suffers security breach
ABC23 reports: Fast Health in Tehachapi is reporting a security breach that could affect over 700 of their patients. The business says a third-party altered a code on their server, stealing the credit card information of close to 700 customers who paid bills online from January 14, 2016 to December 20, 2016. Medical information was…
HHS OIG: Virginia failed to secure Medicaid data
Jessica Kim Cohen reports that a Virginia audit has highlighted security issues with Medicaid data: During its audit, OIG found Virginia’s Medicaid data and systems did not meet federal standards. MMIS had “numerous significant system vulnerabilities,” despite having a security program in place, according to OIG. These vulnerabilities related to Virginia’s control over the data…