David Balser, a partner at King & Spalding, writes: When a company discovers that it has been a victim of a data breach, it is essential to act quickly. In particular, an issue of critical importance is when and how a breached company discloses the data breach to customers, business partners, regulators and the general…
Oklahoma State University – Center for Health Services Pays $875,000 to Settle Hacking Breach
There’s an update to a breach previously reported on this site in 2018. From HHS: Oklahoma State University – Center for Health Sciences (OSU-CHS) has paid $875,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and agreed to implement a corrective action plan to settle potential…
Holy Ghost ransomware operation linked to North Korean hackers
Ionut Ilascu reports: For more than a year, North Korean hackers have been running a ransomware operation called HolyGhost, attacking small businesses in various countries. The group has been active for quite a while but it failed to gain the notoriety and financial success of other gangs even if the operation followed the same recipe:…
Long Island Man Convicted of over $600 Million Health Care Fraud, Wire Fraud and Identity Theft Scheme
July 13, 2022 — Earlier today, a federal jury in Central Islip returned a guilty verdict on eight counts of a superseding indictment charging Mathew James with perpetrating an over $600 million health care fraud scheme, which also included wire fraud and aggravated identity theft charges. The verdict followed a six-week trial before United States…
DHS: Cyber Safety Review Board Releases Unprecedented Report of its Review into Log4j Vulnerabilities and Response
Report Includes 19 Specific Recommendations for Government and Industry WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report, which includes 19 actionable recommendations for government and industry. The recommendations from the CSRB – an unprecedented public-private initiative that brings together government and industry leaders to…
Software Engineer Joshua Schulte Convicted In Biggest Theft Ever Of CIA Secrets
Joshua Schulte, who called himself “Bad Ass,” and who was also called “Voldemort” by colleagues in the C.I.A.’s Operations Support Branch, was convicted by a federal court jury in New York of sending the CIA’s “Vault 7” cyber-warfare tools to WikiLeaks in 2017. Larry Neumeister and Tom Hays of AP report: A former CIA software…