Cybersecurity Updates

CyberSecurity

HIPAA & Cybersecurity Updates - Top three actions over next 2 years for Healthcare CIOs regarding security survey:

  • 50% = identify opportunities for performance improvements and cost savings
  • 42% = providing training for staff
  • 39% = developing and hiring the correct skill sets

The North Dakota Department of Health and Cavalier County Health notified 35,316 patients that their PHI was exposed after email phishing attack

Tri-State Specialists of Iowa, South Dakota and Nebraska notified 17,500 patients that their PHI was exposed after email phishing attack

All Pro Sports notified 3,429 users of DJO Mobility Products of Lewisville, TX that their PHI was exposed after email phishing attack.

Northwest Eye Surgeons/Sight Partners of Seattle, WA notified 20,838 patients that their PHI was exposed after cybersecurity breach

University of California-San Francisco (UCSF) School of Medicine notified an unknown number of patients that their PHI was exposed after cyberattack.

HackerOne, headquartered in San Francisco, CA, which organizes bug bounty events to have hackers get paid for finding vulnerabilities, reported:

  • 9 hackers have earned more than $1 million each for their work
  • 13 hackers have earned at least $500,000
  • 146 hackers have earned at least $100,000
  • $40 million has been paid out in 2019
  • $3,650 = average bounty paid for critical vulnerability found
  • $979 = average amount paid per vulnerability
  • Google has paid out $21 million since 2010

Dr. Spyros Panos, previously convicted of stealing PHI, pleaded guilty to committing fraud a second time:

  • Agreed to forfeit $876,389.97 and pay restitution
  • Will be sentenced on 3/16/2020 in New York

Northampton Public Library of Pennsylvania notified an unknown number of patrons that their info may have been exposed after ransomware attack

Mercy Iowa City Hospital of Iowa notified 60,473 patients that their PHI was exposed after email phishing attack

Morphisec Security is warning customers in the higher education vertical in the U.S. of the Jupyter malware from Russia, which attempts to open a backdoor into the network and steal valuable information and passwords to sell on the Dark Web

Schneider Electric is warning customers of its Trio Data Radio wireless communication devices that they are vulnerable to being hacked by the Drovorub malware from Russia

Area 1 Security is warning businesses in the U.S. of new TrickBot botnet email phishing campaign. If successful, the hackers deploy the following malware to take over networks and/or steal valuable info:

  • Bazar backdoor
  • Buer loader
  • Ryuk ransomware
  • CobaltStrike

The University of Cincinnati Medical Center in Ohio has agreed to a $65,000 settlement and a corrective action penalty with the Office for Civil Rights to resolve a potential violation of the HIPAA Privacy Rule’s right of access standard.

Akropolis has offered the hacker who stole $2 million in Dai cryptocurrency a “bug bounty” reward in return for the missing funds.

University of Maryland researchers discovered that it is possible to install malware to convert a smart vacuum cleaner, like the Roborock, into a remotely controlled microphone to record nearby conversations.

The Delaware Division of Public Health notified an unknown number of patients that their COVID-19 test results and PHI may have been exposed after an email security event.

DataBreaches.net reported that operators of the Egregor ransomware sometimes use a feature that forces attacked networks to print out ransom notes to printers and MFPs that are attached to the affected network.

Consumer Watchdog reported that it has developed a method in which it can hack into a Tesla car, and take over its operation.

The Wash Tub Company, with car wash locations in San Antonio, TX area, notified an unknown number of customers that their info was exposed after payment card breach.

Pluto TV, headquartered in Los Angeles, CA, notified 3.2 million subscribers that their info was exposed after ransomware attack.

Timberline Billing Services of Des Moines, Iowa, notified 116,000 patients that their PHI was exposed after ransomware attack.
