From the U.S. Department of Justice, October 21: Proposed Rule Would Establish New Program to Implement Executive Order to Prevent Access to Americans’ Sensitive Personal Data by Russia, Iran, China, and Other Countries of Concern Note: Read the Department’s fact sheet on this matter here. The Justice Department today issued a Notice of Proposed Rulemaking (NPRM) to implement…
Rocky Mountain Gastroenterology appears to have been attacked by three different groups; more than 169,000 patients affected (1)
Update: On November 13, Rocky Mountain Gastroenterology (RMG) reported the incident to HHS OCR as affecting 366,491 patients. RMG never responded to the inquiries this site submitted to it on October 19 and October 27. SuspectFile reports: This article will cover what appears to be a triple cyberattack on the IT systems of Rocky Mountain Gastroenterology (RMG), a…
2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’
DataBreaches recently posted a press release from HHS OCR that announced a settlement with Cascade Eye and Skin Centers following a ransomware investigation. Theresa Defino of Report on Patient Privacy (RPP) dug into the incident and investigation more, and her reporting services as a great reminder that HHS’s press releases frequently do not really answer…
Dutch police post warning message in Telegram groups after four data broker arrests
After various investigations, the police have arrested several data traders in various locations in the Netherlands in the past period. They are suspected of involvement in the sale of personal data. This data was traded within various Telegram groups. In these groups, warning messages are now being placed by the police. Through data theft, hacks…
Federal grand jury indicts Buffalo Police detective for purchases made on illicit online marketplace and making false statements to the FBI
BUFFALO, N.Y. — U.S. Attorney Trini E. Ross announced today that a federal grand jury has returned an indictment charging Terrance Michael Ciszek a/k/a DrMonster, 34, of Buffalo, NY, with possession of unauthorized access devices with intent to defraud and making a false statement to an agency of the United States, which carry a maximum…
Cisco takes DevHub portal offline after hacker publishes stolen data
Lawrence Abrams reports: Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked “non-public” data, but it continues to state that there is no evidence that its systems were breached. “We have determined that the data in question is on a public-facing DevHub environment—a Cisco resource center that enables…