LONDON, Ky. – A Somerset, Ky., man, Jesse Kipf, 39, was sentenced to 81 months on Monday by U.S. District Judge Robert Wier, for computer fraud and aggravated identity theft. According to his plea agreement, Kipf intentionally accessed a computer without authorization and then obtained information from a protected computer for his own private gain and…
Privacy group fights European Parliament over ‘massive’ HR data breach
Antoaneta Roussi reports: The European Parliament’s headache over a major human resources data breach earlier this year just won’t fade. Austria-based digital rights group noyb on Thursday said it had filed two complaints against the European Union institution for infringing the bloc’s flagship privacy law, the General Data Protection Regulation (GDPR), over a data breach…
Top US oilfield firm Halliburton hit by cyberattack, source says
Liz Hampton reports: U.S. oilfield services firm Halliburton (HAL.N) on Wednesday was hit by a cyberattack, according to a person familiar with the matter. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. The company was also working with “leading…
Business Associate Agreements Matter: Demystifying the Perceived Simplicity of HIPAA Agreements
Shalyn Watkins of Holland & Knight writes: For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and Accountability Act (HIPAA), it is a requirement that the entity enter into a business associate contract, also…
National Public Data Published Its Own Passwords
Brian Krebs reports: New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its…
How many times has Carespring Health Management been attacked since last year? (1)
In October 2023, Carespring Health Care Management was the victim of a ransomware attack. It was not announced on its website, but in November, Carespring was listed on the NoEscape ransomware gang’s site. At the time, the threat actors claimed they had encrypted Carespring’s files and exfiltrated 364 GB of files. The incident never appeared…