Catalin Cimpanu reports: On Wednesday, November 29, a Kansas City court sentenced a Missouri man to six years in federal prison without parole for hacking his former employer, stealing trade secrets, and for accessing child pornography. The man is Jacob Raines, 38, of Parkville, Missouri, who worked as IT manager for American Crane & Tractor…
Real Time Health Quotes leak affected health insurance applicants
So it appears I missed a third-party vendor/business associate leak that affected at least two covered entities and possibly more. Great thanks to Humana for sending along the vendor’s press release when I inquired about a breach report Humana had made to HHS as affecting 5,764 members or potential members. It turns out that the…
July Systems data leak: Massive trove of sensitive information exposed online via unsecured database
India Ashok reports: A massive trove of sensitive data was left freely exposed online by San Francisco-based July Systems. The company’s cloud-based location intelligence and engagement platform called “Proximity MX”, which contains proprietary information belonging to the firm and its clients, were exposed via unsecured Amazon S3 databases. […] According to security researchers at Kromtech,…
Baptist Health Louisville notifies 880 patients after phishing incident
Baptist Health Louisville in Kentucky recently notified 880 patients of a phishing incident. The incident was also reported to the U.S. Department of Health and Human Services. According to a substitute notice in response to the breach, on October 3, Baptist Health discovered that an employee’s email account credentials were obtained by an unauthorized third-party…
Iranian Hackers Have Set Up a News Outlet to Court Possible Targets, Security Firm Says
CTech reports: An Iranian cyber espionage group known as Charming Kitten is believed to be behind a campaign targeting academic researchers, human rights activists, media outlets and political advisors focusing on Iran, according to a report published earlier this week by Israel-based threat intelligence company ClearSky Cyber Security. The group has also set up a…
Mercy Health/Love County Hospital And Clinic Patients Notified Of Medical Records Incident
The press release below from Mercy Health/Love County Hospital is described as a supplement to an incident that they – and we – first reported in July. In September, the entity notified HHS that they had notified 13,004 patients, a notification that they reference below as a precautionary measure. I’m not sure why they needed…