Quest Diagnostics, which operates medical laboratories, has announced that 34,000 customer records were exposed during a hacking incident that occurred on November 26th. The hacker obtained access to the information through...more
The tally of records breached in 2016 (through November) globally was over 2.1 billion, according to IT Governance. With the announcement yesterday of Yahoo’s breach of another 1 billion records, that tally is now up to 3.1...more
12/16/2016 / Credit Cards, Cyber Attacks, Cyber Crimes, Cybersecurity, Data Breach, Data Privacy, Data Protection, Data Security, Email, Hackers, Personally Identifiable Information, PHI
We have previously reported on the Ashley Madison data breach and subsequent litigation. On December 14th, Ashley Madison announced that it has agreed to pay $1.6 million and implement additional security measures to settle...more
12/15/2016 / Adultery, Ashley Madison, Attorney General, Cyber Attacks, Cyber Crimes, Cybersecurity, Data Breach, Dating Services, Federal Trade Commission (FTC), Hackers, Internet, Marriage, Online Platforms, Personally Identifiable Information, Settlement, Spouses, Websites
Yahoo Inc. announced on December 14th that hackers stole the personal information of more than one billion users, which is in addition to the compromise of 500 million accounts that was announced in September....more
12/15/2016 / Acquisitions, Cyber Attacks, Cyber Crimes, Cybersecurity, Data Breach, Email, Hackers, Passwords, Personally Identifiable Information, Verizon, Yahoo!
There are reports of a java keylogger that is able to copy and forward credit card details from online checkout forms that are used on shopping websites. It has reportedly affected several dozen online shopping websites that...more
The U.S. Navy has revealed that it has been notified by one of its vendors that a laptop of the contractor was the source of a data breach that compromised the names and Social Security numbers of 134,386 current and former...more
The Office for Civil Rights (OCR) has announced that the University of Massachusetts Amherst (UMass) has agreed to settle an investigation against it as a result of a malware infection for $650,000, along with implementing a...more
12/5/2016 / Business Associates, Corrective Actions, Covered Entities, Cyber Attacks, Data Breach, Educational Institutions, Health Insurance Portability and Accountability Act (HIPAA), Healthcare, HIPAA Breach, Malware, OCR, Personally Identifiable Information, PHI, Settlement, Universities
Madison Square Garden has announced that it has suffered a year-long data breach of debit and credit cards used at concession stands at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, ...more
On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels”...more
12/2/2016 / Business Associates, Covered Entities, Cyber Attacks, Cybersecurity, Data Breach, Department of Health and Human Services (HHS), Email, Hackers, Health Care Providers, Health Insurance Portability and Accountability Act (HIPAA), Healthcare, HIPAA Audits, OCR, PHI, Phishing Scams
In the ongoing saga of Facebook’s challenge of the Illinois Biometric Law, it declared last week that the Illinois law violates the United States Constitution.
According to Facebook’s Answer in a suit filed against it in...more
A Lincoln Financial Group subsidiary has agreed to accept a $650,000 fine levied against it by the Financial Industry Regulatory Authority (FINRA) and to implement more robust security controls for a 2012 hacking that...more
Security researcher Samy Kamkar has announced that a new hacking tool—PoisonTap—can be loaded onto a USB stick and used to hijack the Internet connection of one’s computer....more
A new IBM/Ponemon Study released late last week, 2016 Cyber Resilient Organization, reveals that only 32 percent of IT and security professionals believe that their organization has a “high” level of cyber resilience....more
The National Institute of Standards and Technology (NIST) recently released guidance for the makers of devices that use or are connected to the Internet to build robust security measures into the design of products from the...more
In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more
11/21/2016 / Authentication, Business Associates, Covered Entities, Cyber Crimes, Cybersecurity, Data Breach, Health Care Providers, Health Insurance Portability and Accountability Act (HIPAA), Healthcare, OCR, PHI, Risk Assessment, Risk Management
The U.S. Equal Employment Opportunity Commission (EEOC) recently announced that it has entered into a settlement with BNV Home Care Agency, Inc. (BNV) for $125,000 for violations of the Genetic Information Non-Discrimination...more
The New York Times reported last week that “hundreds of fake retail and product apps have popped up in Apple’s App Store in recent weeks”—just in time to deceive holiday shoppers....more
11/18/2016 / Advertising, Apple, Cyber Crimes, Holidays, Mobile Ad Networks, Mobile Apps, Mobile Devices, Online Advertisements, Ransomware, Retail Market, Smartphones, Technology, Websites
We often hear from small businesses that they do not believe they can be a “target” of hackers, or that they are at risk of a cyber intrusion. This thought is naïve as small businesses are at risk of cyber intrusions, and due...more
The National Institute of Standards and Technology (NIST) has teamed up with the United States Coast Guard (USCG) and private industry to issue a new cybersecurity document that will assist the maritime industry in securing...more
11/17/2016 / Coast Guard, Cyber Attacks, Cyber Crimes, Cybersecurity, Hazardous Substances, Maritime Transport, NIST, Ports, Risk Management, Shipping, Supply Chain
The United States Attorney’s Office for the District of Massachusetts recently announced that three former district managers of the pharmaceutical firm Warner Chilcott have been sentenced for violating the Health Insurance...more
11/14/2016 / Bonuses, Data Security, Health Insurance Portability and Accountability Act (HIPAA), Healthcare, Healthcare Fraud, HIPAA Breach, Pharmaceutical Industry, PHI, Prescription Drugs, Privacy Concerns, Warner Chilcott
It is hard to stay focused after election night.
Since the new administration has a dearth of plans, here are some tips for it to get a jumpstart on cybersecurity priorities....more
11/14/2016 / Cyber Attacks, Cyber Crimes, Cyber Threats, Cybersecurity, Data Breach, Data Protection, Data Security, EU-US Privacy Shield, Hackers, Presidential Elections, Presidential Nominations, Trump Administration
We consistently comment about the importance of educating the next generation of students on cybersecurity. The earlier the better, as far as I am concerned, as early as the third grade. There is a dearth of cybersecurity...more
The National Cybersecurity Center of Excellence (NCCoE) has released a draft Project Description for the manufacturing sector entitled: Capabilities Assessment for Securing Manufacturing Industrial Control...more
The Federal Trade Commission (FTC) has fined the Consumer Education Group $100,000 for making millions of illegal telemarketing calls to consumers who were on the Do Not Call (DNC) Registry, including pre-recorded robocalls...more
Forrester recently issued its “2017 Predictions: Dynamics that Will Shape the Future in the Age of the Consumer,” which, among others, makes interesting predictions relating to cybersecurity risks coming up in 2017....more