On September 9, Empress EMS in New York contacted HHS to report an incident that affected 318,558 patients. According to a notice on their website, an unauthorized individual gained access to their system on May 26 and copied what they describe as a “small subset of files” on July 13. On July 14, Empress discovered…
Fired Uber attorney testifies against ex-security chief in trial over 2016 data breach cover-up
Maria Dinzeo reports: A onetime attorney for Uber who was fired for his role in a suspected coverup of a major 2016 data breach took the stand in the criminal criminal obstruction trial of his former boss on Wednesday, testifying that ex-security chief Joe Sullivan was responsible for changes to a nondisclosure agreement with two…
The Great Resignation linked to a great data theft
Ian Barker reports: We’ve all heard of the Great Resignation, a pandemic-driven shift in people’s work preferences. But new research from Cyberhaven suggests that this has gone hand-in-hand with a huge stealing of data. Based on anonymized details from over 1.4 million workers and spanning 360,000 data exfiltration incidents and a broad sample of companies, including…
Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses
IC3.gov PIN 20220914-001 14 September 2022 TLP: WHITE Summary The FBI has received multiple reports of cyber criminals increasingly targeting healthcare payment processors to redirect victim payments. In each of these reports, unknown cyber criminals used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare…
Watchdog calls for mandatory data breach notification laws in Victoria
Joseph Brookes reports: Victoria’s privacy watchdog has called for data breach notification laws in the state after a government department failed to tell people their data had been exposed in a serious breach by a man convicted of sexually assaulting a child. The former case worker, Alexander Jones, is currently serving a six-year prison sentence for…
OIG Warns USCIS Over Unauthorized Access to Systems and Information
Kylie Bielby reports: The Office of Inspector General (OIG) says U.S. Citizenship and Immigration Services (USCIS) did not apply the access controls needed to restrict unnecessary access to its systems, networks, and information. Access controls help to limit individuals from gaining inappropriate access to systems or data. But an OIG audit has found that USCIS…