On December 21, Children’s Hospital Los Angeles and the Children’s Hospital Los Angeles Medical Group learned that a laptop had been stolen from a locked car of one of the physicians. The laptop, which contained minor children’s protected health information, was unencrypted. According to a notification letter dated January 13, a copy of which was…
Student Hacker Faces 10 Years in Prison For Spyware That Hit 16,000 Computers
Lorenzo Franceschi-Bicchierai reports: A 21-year-old from Virginia plead guilty on Friday to writing and selling custom spyware designed to monitor a victim’s keystrokes. Zachary Shames, from Great Falls, Virginia, wrote a keylogger, malware designed to record every keystroke on a computer, and sold it to more than 3,000 people who infected more than 16,000 victims…
Email account with patient information at U. Maryland doctors group hacked
Andrea K. McDaniels reports: A doctor’s practice plan affiliated with the University of Maryland School of Medicine has notified patients that somebody hacked the account of a physician assistant’s email account that contained the personal information of patients. The orthopedics practice at The University of Maryland Faculty Physicians Inc. mailed letters to about 1,500 patients…
Misconfigured Server Gives Insight Into Cerber Ransomware Operation
Catalin Cimpanu reports: Security researchers have gained access to one of the servers used by the Cerber gang, from where they were able to extract basic statistics about their operation. A security researcher that only goes by the nickname of Racco42 discovered the vulnerability on Thursday, January 12. The issue affected only one Cerber server, not all,…
Summit Reinsurance Services breach affected 19,000
The Summit Reinsurance Services ransomware breach, noted previously on this site, is beginning to attract more attention. First State Update reports: As a result of multiple consumer complaints, the Delaware Department of Insurance has been made aware of a security breach, involving Summit Reinsurance Services, Inc. (“SummitRe”) and BCS Financial Corporation, both subcontractors of Highmark…
Need help because your MongoDB installation was hit by ransomware?
For the past week, this site has been providing updates on previous coverage about a wave of ransomware attacks hitting misconfigured MongoDB installations. New instances continue to be detected by researchers on a daily basis. The attacks have shown no geographic or sector boundaries – any MongoDB installation indexed by Shodan.io that had or has…