What do you do when you have suffered an embarrassing data breach, your attacker(s) are taunting and criticizing you publicly, and some of your data has already been leaked? This month, DataBreaches notes that two victims in different countries are both seeking court injunctions in the hope that they can get stolen data removed from…
Senate bill pushes cyber mandates for medical industry in wake of Change Healthcare debacle
Jonathan Greig reports: Hospitals and other healthcare businesses would be required to adopt minimum cybersecurity standards and face annual audits under new legislation introduced by two prominent senators on Thursday. The Health Infrastructure Security and Accountability Act, announced by Sens. Ron Wyden (D-OR) and Mark Warner (D-VA), would provide $1.3 billion for the Department of…
IL: Confidential student information released in District 203 data leak
For your “No need to hack if it’s leaking” files, C. J. Getting reports: Confidential student information was unintentionally leaked in Naperville Central’s School Improvement Plan, which was released publicly on Friday, Sept. 20. It was removed on Tuesday, Sept. 24 around 3:35 p.m. when Central Times staff brought the breach to the attention of…
HHS Office for Civil Rights Settles Ransomware Cybersecurity Investigation for $250,000
The following is a press release from HHS OCR concerning a settlement stemming from a March 2017 ransomware attack experienced by Cascade Eye & Skin Centers in Washington. DataBreaches was not previously aware of this incident and can find no news coverage of it at the time nor any entry on HHS’s public breach tool…
Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services
A press release from the U.S. Department of Justice: The Justice Department today announced actions coordinated with the Department of State, Department of the Treasury, and other federal and international law enforcement partners to combat Russian money laundering operations. The actions involved the unsealing of an indictment charging a Russian national with his involvement in…
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Ravie LakshmananRavie Lakshmanan Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an…