A Romanian national was sentenced yesterday in federal court in Springfield, Massachusetts, in connection with a multi-state ATM card skimming scheme. The following information is provided by the Department of Justice: Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney Andrew E. Lelling for the District of Massachusetts, Special Agent…
Understanding When Business Associates Are Directly Liable Under HIPAA
Aimee Jachym and Samantha A. Kopacz of Miller Canfield PLC write: New guidance issued by the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) reaffirms that business associates must have proper HIPAA compliance practices, safeguards and documentation in place in order to avoid costly penalties. OCR recently released a Fact…
The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records
Another Elasticsearch misconfiguration found by SecurityDiscovery. You can read about it here.
Australian National University data breach stretching back 19 years detected; Affects approximately 200,000
ABC in Australia reports: The Australian National University has been hit by a massive data hack, with unauthorised access to significant amounts of personal details dating back 19 years. A sophisticated operator accessed the ANU’s systems illegally in late 2018 but the breach was only detected two weeks ago, the university said in a statement….
Almost 100,000 Australians’ private details exposed in attack on Westpac’s PayID
Ben Grubb and Clancy Yeates report: The private details of almost 100,000 Australian bank customers have been exposed in a cyber attack on the real-time payments platform PayID, which allows the instant transfer of money between banks using either a mobile number or email address. The attack on Westpac, which also affects customers from other…
Ca: Weight Loss Grants posts customer health information without consent
Sean O’Shea reports: A company that promised to pay customers for losing weight has posted personal information about clients, including their names, weights, weight loss goals and even facial photographs on its website. Weight Loss Grants revealed the personal information without clients’ consent after news reports described how the organization failed to make payments to…