Spectra Logic of Boulder, CO notified an unknown number of customers that their info may have been exposed after ransomware attack.
- The University of Pittsburgh Medical Center (UPMC) and Charles Hilton &
Associates Law Firm have been sued related to a breach that exposed the PHI of 36,000 patients.
- Proofpoint published report on Insider Caused Breaches:
o $3.86 million is average total cost of an insider caused data breach
o 30% of breaches a involve internal threat actoss
62% = carelessness
23% = malicious
14% = credential compromised
- Arbour Hospital of Massachusetts agreed to pay $65,000 to settle a HIPAA violation regarding providing patients with timely access to their PHI.
- The State Controller Office in Sacramento, California notified an unknown number of citizens that their info was exposed after email phishing attack.
- Brandman Centers for Senior Care, headquartered in Reseda, CA, notified an
unknown number of patients that their PHI was exposed after ransomware attack.
- Haven Behavioral Hospital of Tennessee is notifying an unknown number of patients that their PHI was exposed after ransomware attack.
- Facebook paid a researcher Alaa Abdulridha $50,000 for discovering security
vulnerabilities in the platform.
- Tesla announced that Egor Igorevich Kriuchkov of Russia pleaded guilty for attempting to bribe a Tesla employee to plant ransomware on Tesla’s network for $500,000.
- Valimail Security published report that states that there are 3 billion phishing emails sent by hackers every day, or 1% of all email traffic worldwide.
- Purple Fox is the name of new malware that is being used by hackers according to Guardicore Labs.
o “indiscriminate port scanning and exploitation of exposed SMB services with
weak passwords and hashes”
- The Minnesota Department of Natural Resources and City of Minneapolis police department are being sued by a former police officer who claims that her personal info in a driver’s license database was illegally access nearly 1000 times since 2003.
- ZDNet magazine is reporting that there are still thousands of cyberattacks attacking zero-day security vulnerabilities in Microsoft Exchange Server every single day.
- DeCotiis, Fitzpatrick, Cole & Giblin Law Firm, headquartered in Paramus, New
Jersey, notified an unknown number of clients that their info may have been exposed after email phishing attack.
- Sewell Family of Companies, headquartered in Odessa, TX, which owns automotive dealerships, notified an unknown number of customers that their info may have been exposed ransomware attack.
- The National Cyber Security Centre of England claims that there is spike worldwide in hackers targeting schools and universities due to value of student identities.
- Bradley J. Harris, former CEO of Novus Health Services, pleaded guilty to stealing PHI to commit Medicare and Medicaid fraud.
o Faces up to 14 years in prison
- Acer Corp, with US headquarters in San Jose, CA, notified an unknown number of customers that their info was exposed after being hit by ransomware, with culprits demanding $50 million in ransom.
- Village Plastic Surgery ("VPS") of Ridgewood, New Jersey has agreed to take
corrective actions and pay $30,000 to settle a potential violation of the HIPAA Privacy Rule's right of access standard.
- Maricopa County Community Colleges of Arizona notified “thousands” of students that their info may have been exposed after ransomware attack.
- Shell Oil, with US headquarters in Houston, TX, notified an unknown number of employees and customers that their info was exposed after cyber attack.
- Park Hill School District of Missouri notified an unknown number of students that their info may have been exposed after ransomware attack.
- Polk County Schools of Lakeland, FL notified an unknown number of students that their info may have been exposed after data breach.
- Kentucky Wesleyan College notified an unknown number of students that their info may have been exposed after cyber security incident.
- Eyemart Express, headquartered in Farmers Branch, TX, notified an unknown number of patients that their PHI may have been exposed after email phishing attack.
- Stratus Technologies of Natick, Massachusetts notified an unknown number of customers that their info was exposed after ransomware attack.
- Mendelson Kornblum Orthopedic and Spine Specialists of Warren, Michigan notified 28,658 patients that their PHI was exposed after ransomware attack.
- The University of Miami in Florida notified an unknown number of students that their PHI may have been exposed after ransomware attack.
- Heart of Texas Community Health Center of Waco, TX notified an unknown number of patients that their PHI was exposed after email phishing attack.
- City of Frankfort in Kentucky notified an unknown number of citizens that their info may have been exposed after ransomware attack.
- Colorado Retina Associates notified an unknown number of patients that their PHI may have been exposed after email phishing attack.
- Spectrum Health of Grand Rapids, Michigan says it has launched an investigation after a group of doctors posted to Instagram photos taken in the operating room that show an organ from one patient and fibroid tissue from another, and other potential HIPAA violations of patients’ PHI
- UP Health System – Marquette, Michigan has been made aware of a “caller ID
spoofing” scam that is inappropriately using the hospital’s name.
o This type of scam involves a third party making it appear as though a call is
coming from a particular entity, in this case, the hospital.
o It has been reported that these calls are “trying to collect money” or “your
personal information” for fraudulent purposes.
- The FBI published report on Internet-enabled Crime reported in 2020:
o $4.2 billion in losses reported by victims to U.S. authorities in 2020.
o received nearly 792,000 victim reports of suspected internet-facilitated crime
69% increase from the 300,000 complaints it logged in 2019
o $29 Million in Reported Ransom Payments
received a total of 2,474 ransomware complaints,