65% of American Organizations Had Dealt With a Successful Phishing Attack in 2019
The cybersecurity firm Proofpoint shared its 2020 State of the Phish report, which showed that 65% of American organizations (55% worldwide) experienced at least one…
NIST Issued Its Privacy Framework Version 1.0
The National Institute of Standards and Technology (NIST) issued its Privacy Framework version 1.0 on January 16, 2020. The goal of the Privacy Framework is…
FBI Warning Against Maze Ransomware Attacks
The Federal Bureau of Investigation (FBI) published an alert to warn private companies in the U.S. concerning Maze ransomware attacks. FBI gave the alert after…
Second Lawsuit Filed Against Kalispell Regional Healthcare Over Phishing Attack
Kalispell Regional Healthcare based in Montana is charged with another legal case on account of the May 2019 phishing attack that allowed cybercriminals to access…
Six HIPAA Security Rule Provisions that Help Covered Entities to Prevent Ransomware Attacks
Ransomware attacks are now more advanced. Cybercriminals are creating new approaches and strategies to access systems and deploy ransomware. The most common ways of accessing…
What is Senator Wicker’s U.S. Consumer Data Privacy Act of 2019
Senator Roger Wicker (R-Miss), the Commerce Committee Chair, presented a draft copy of the United States Consumer Data Privacy Act of 2019 (CDAP). CDAP is…
200,000 Critical and Severe Vulnerabilities Being Fixed by Blue Cross Blue Shield of Minnesota
Blue Cross Blue Shield of Minnesota, which is Minnesota’s biggest health insurance company, is presently trying to take care of approximately 200,000 unaddressed vulnerabilities detected…
Data Breaches Reported by Sunrise Community Health, Katherine Shaw Bethea Hospital and NYC Health + Hospitals
Sunrise Community Health located in Evans, CO uncovered the exposure of a number of employees’ email accounts because of the employees’ response to phishing emails….
Phishing Attacks on Comprehensive Sleep Care Center and Ivy Rehab Physical Therapy Potentially Impact PHI
Loudoun Medical Group, also known as Comprehensive Sleep Care Center (CSCC), experienced a phishing attack approximately on June 19, 2019. The IT department was notified…
Great Plains Health Patient Medical Records Encrypted Due to Ransomware Attack
A ransomware attack on Great Plains Health based in North Platte, NE resulted in the encryption of some patients’ health records. Great Plains Health discovered…
Philips IntelliBridge EC40/80 Hubs Were Found to Have a Vulnerability
Philips released information about a vulnerability found in Philips IntelliBridge EC40/80 hubs. An attacker could exploit to access vulnerable hubs and execute a software program,…
HHS to Issue Higher Civil Monetary Penalties for HIPAA Violations in Keeping with Inflation Rates
As per the Inflation Adjustment Act, the U.S Department of Health and Human Services took into account the inflation rate when issuing civil monetary penalties…
URMC Pays $3 Million HIPAA Penalty for Failure to Encrypt Mobile Devices
The University of Rochester Medical Center (URMC) paid OCR $3 million as HIPAA penalty for failing to implement encryption on mobile gadgets and for other…
Phishing Attacks Compromise PHI of 56,000 Presbyterian Health Plan Members
A series of phishing attacks have compromised the protected health information of 56,000 members of Presbyterian Health Plan. The phishing attacks did not directly target…
Former Employee at Little Rock Plastic Surgery Illegally Accessed Patient Information
Little Rock Plastic Surgery (LRPS) is in the process of notifying patients of a data security incident which saw a former employee illegally access the…
Fedcap Rehabilitation Notifying 2,200 Individuals of Data Breach
Fedcap Rehabilitation is in the process of notifying 2,200 individuals of a data security incident which may have seen their confidential information compromised. New York-based…
Limited HIPAA Waiver in Areas Affected by Hurricane Dorian
The Secretary of the Department of Health and Human Services (HHS), has declared a public health emergency in Puerto Rico and the states of Florida,…
IRS Phishing Scam Used to Spread Keylogging Malware
Taxpayers and business have been warned of a new IRS phishing scam being used to spread keylogging malware. The hackers design the emails to appear…
Malware Found in Android PDF App CamScanner
Users of the Android app CamScanner have been advised to uninstall the app after a recent version was found to harbour malware. Security researchers at…
Ransomware Attack at Hospice of San Joaquin, CA
The Hospice of San Joaquin in Stockton, California, is in the process of notifying patients that their protected health information may have been compromised in…
Grays Harbor Community Hospital in Washington Ransomware Attack Affects 88,000 Patients
Grays Harbor Community Hospital in Washington is notifying 88,399 patients that their confidential health information may have been compromised in a ransomware attack. The hospital…
HHS Issues Limited Waiver of HIPAA Sanctions and Penalties in Louisiana
The US Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in Louisiana following Tropical Storm Barry making…
Northwood Notifying Patients of Data Breach Following Phishing Attack
Northwood Inc. is notifying individuals that their private information may have been comprised in a data breach following a phishing attack. Northwood Inc., based in…
Phishing Campaign Spreads Trickbot Trojan Through Fake Office 365 Website
A fake Office 365 phishing website is being used by hackers to distribute the Trickbot Trojan. The website is a convincing mimic of the legitimate…
Vitagene Breach Exposes Data of 3,000 Customers Online
Vitagene is in the process of investigating a data breach which has resulted in sensitive information of 3,000 customers from being exposed online. Vitagene, based…
Medical Center Enterprise Pays $300,000 to Alabama Woman for Privacy Rights Violation
Medical Center Enterprise, Alabama, has been ordered to pay a woman $300,000 in damages for violating her privacy rights. Amy Pertuit’s patient rights were violated…
THH Nurse Investigated for Impermissible File Access
A former nurse at Takai, Hoover & Hsu has is under investigation for impermissibly accessing of the protected health information (PHI) of 16,542 patients. The…
June 2019 Patch Tuesday: Mircosoft Fixes 88 Vulnerabilities
Microsoft has issued patches for 88 vulnerabilities this patch Tuesday. Of the vulnerabilities, 20 were rated critical. One servicing stack and 4 advisories were also…
AMCA Breach Compromises 12 Million Quest Diagnostics Records
A breach at the American Medical Collection Agency (AMCA) has compromised the records of nearly 12 million Quest Diagnostics patients. AMCA, a billing collections company…
Sexual Assault Victim Sues Hospital for Allegedly Disclosing PHI to her Attacker
A sexual assault victim has filed a lawsuit against a Kansas hospital for disclosing her private health information to her attacker. The then proceeded to…
Fourth Phishing Attack Hits St Vincent Medical Center
St. Vincent Medical Center is once again notifying patients of a data breach after experience a fourth phishing attack since December 2018. On March 26,…
Southeastern Council on Alcoholism and Drug Dependence Notifies Patients Following Ransomware Attack
The Southeastern Council on Alcoholism and Drug Dependence is notifying 25,000 patients that their PHI has been compromised in a ransomware attack. SCADD, based in…
Researchers Find Mail Clients Vulnerable to Digital Signature Spoofing Attacks
Cybersecurity researchers have identified vulnerabilities in mail clients that could be exploited by hackers in digital signature spoofing attacks. Digital signatures are widely used to…
MD Anderson Cancer Centre Fires Scientists Over Espionage Allegations
MD Anderson Cancer Centre has fired three scientists over allegations of espionage. The National Institutes of Health (NiH) contacted MD Anderson Cancer Centre, a world-leading…
Phishing Attack on Baystate Health Affects 12,000 Patients
Baystate Health has notified 12,000 patients a phishing attack on their facility compromised their PHI. Baystate Health, based in Massachusetts, discovered that an unauthorised individual…
FBI’s Internet Crime Complaint Centre Report Shows Increase in Financial Losses Due to Cybercrime
The FBI’s Internet Crime Complaint Centre (IC3) has released a report indicating that financial losses due to cybercrime rose drastically in 2018. The 2018 Internet…
Riverside Counselling Notifies Patients of Malware Attack
Riverplace Counselling Centre is notifying 11,639 patients of a data security incident following the discovery of malware on its systems. Riverplace Counselling Center in Anoka,…
Michigan Attorney General Responds to Wolverine Solutions Ransomware Attack
Michigan Attorney General Dana Nessel has issued a statement about a recent ransomware attack on the Wolverine Solutions Group, which may have affected up to…
TitanHQ Updates SpamTitan Email Security Solution
TitanHQ has released an update of its SpamTitan email security solution. TitanHQ, which specialises in providing email security solutions to SMBs and MSPs, has added…
Data Breach at PCEMS Affects 20,000 Patients
Pasquotank-Camden Emergency Medical Services (PCEMS) has contacted more than 20,000 patients that their data may have been compromised during a data breach. Hackers exploited a…
Breach at Third-Party Vendor Results in Exposure of Emerson Hospital Patient Data
A breach at a third-party vendor has resulted in 6,314 patients records from Emerson Hospital in Concord, MA being exposed. The breach occurred between May…
Deadline For Small Data Breach Reports Approaches
All HIPAA covered entities (CEs) should be aware that the deadline for reporting data breaches that occurred in 2018 of fewer than 500 records is…
Menlo Security Discovers New Emotet Trojan Campaign Tactic
Researchers at Menlo Security have announced the discovery of a new campaign tactic used by hackers to distribute the Emotet Trojan malware. Menlo Security’s researchers…
Microsoft February Patch Tuesday
Microsoft and Adobe have issued patches for 150 vulnerabilities this February 2019 Patch Tuesday. These updates included patches for 43 critical Adobe flaws and 20…
VFEmail Suffers Debilitating Cyber Attack
VFEmail has announced that it has suffered a debilitating cyber attack which saw nearly all of their data compromised. VFEmail, an email provider, issued a…
Blue Cross Blue Shield Business Associate Falls Victim to Ransomware Attack
A business associate of Blue Cross Blue Shield has announced that it was the victim of a ransomware attack. The breach was reported by Wolverine…
Phishing Attack at Family Physicians Group Orlando Compromises Patient’s PHI
A phishing attack at Family Physicians Group, Orlando, has resulted in 8,400 patients having their protected health information (PHI) compromised. The breach was identified on…
Phishing Campaign Uses Custom Web Font to Avoid Detection
A new phishing threat has been revealed in which the hacker has created a custom web font on their phishing website which renders the malicious…
Email Error Results in PHI of Veterans Accidentally Sent to Unauthorised Individual
A data security incident at Lebanon VA Medical Center has resulted in the protected health information (PHI) up to a thousand patients being accidentally sent…
Mimecast Security Awareness Training in Business Report Released
Mimecast has recently released the results of a survey on employee security awareness training in businesses. The results show that in many organisations, employees are…