GAO-22-105024 Published: Oct 13, 2021. Publicly Released: Nov 12, 2021. Highlights from the government report: What GAO Found Federal guidance, such as the National Infrastructure Protection Plan (National Plan), specify the roles and responsibilities of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Education’s Office of Safe and Secure…
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported the incident to HHS as impacting 109,234 patients. As HHS subsequently summarized things: After the breach, the [Covered Entity] implemented additional administrative and technical safeguards and retrained its staff on the…
Rideau Valley Health Centre service disrupted due to ‘cyber security incident’
Matthew Lapierre reports that the Rideau Valley Health Centre’s IT systems have been impacted by what sounds like a ransomware incident that knocked out use of their phone system and otherwise impaired their ability to function. In the meantime, the clinic said the majority of physicians would be able to attend previously scheduled appointments, but…
China May Seek Cyber Check for HK Listings of Firms Holding Data
Bloomberg News reports: China may require a cybersecurity review for companies holding data that plan to go public in Hong Kong, if it’s decided that the listing will potentially have an impact on its national security. The draft rule, published by China’s cyberspace regulator on Sunday, didn’t specify how the regulators will define if a…
VA: Hundreds of parents, students, staff at risk of identity theft as personal records found tossed on floor at Old Pulaski Middle School
Kelsey Jean-Baptiste reports: Concerns about confidential records being found thrown on the ground of the Old Pulaski Middle School have many worried. Hundreds of students, teachers, and staff are now at risk of having their private information stolen. Pulaski School superintendent, Dr. Kevin Siers says the documents date back to the 1970s. In pictures given…
Data of Lister fertility clinic patients and other medical practices compromised by ransomware attack on third-party vendor
Jay Jay reports: In a letter sent to about 1,700 patients, Lister Fertility Clinic said that a ransomware attack on Stor-a-file Limited, a firm that scans medical records for the clinic, compromised the sensitive information of patients. […] The document management firm said that the ransomware attack affected 13 organisations, six of them in the healthcare sector….