CYBERSECURITY -
White House Focused on Combating Ransomware -
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large...more
7/16/2021
/ Article III ,
Biden Administration ,
Canon ,
COPPA ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Ransomware ,
Smart Devices ,
Standing ,
Telemarketing ,
Text Messages
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more
COVID-19 Vaccine Test Lab Hit by Maze Ransomware -
Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, the ransomware recently...more
3/31/2020
/ California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Ransomware ,
Spam ,
Telecommuting ,
Telehealth
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/7/2020
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Infectious Diseases ,
Malware ,
Medical Records ,
OCR ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Public Health ,
Retailers ,
Tax Fraud ,
Vulnerability Assessments
It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more
12/23/2019
/ Biometric Information ,
Clinical Laboratories ,
Connected Cars ,
Connected Items ,
Criminal Conspiracy ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Extradition ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Settlement
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more
12/11/2019
/ Aviation Industry ,
Beneficiaries ,
Biometric Information ,
Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Restaurant Industry ,
Settlement Agreements ,
Virtual Currency
On November 27, 2019 the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a $2.175 million dollar settlement with a hospital system to resolve alleged violations of HIPAA’s Breach...more
12/4/2019
/ Billing ,
Breach Notification Rule ,
Corrective Actions ,
Data Breach ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Privacy Rule ,
Hospitals ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management ,
Settlement
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more
9/13/2019
/ Consumer Privacy Rights ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Debt Collectors ,
Digital Assets ,
Educational Institutions ,
Enforcement Actions ,
Financial Services Industry ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Medical Records ,
Municipalities ,
NIST ,
Personally Identifiable Information ,
Ransomware ,
TCPA
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The...more
6/7/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Exploitation ,
Extortion ,
FBI ,
Genetic Materials ,
Genetic Testing ,
Hackers ,
Information Technology ,
Malware ,
OIG ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Quest Diagnostics ,
Vulnerable Victims
On June 3, 2019, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued a fraud alert to notify consumers about genetic testing fraud schemes (the Alert)....more
On April 26, 2019, the U.S. Department of Health and Human Services (HHS) issued a Notification of Enforcement Discretion (Notice) regarding imposition of Civil Money Penalties (CMPs) under HIPAA. ...more
4/30/2019
/ Civil Monetary Penalty ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HITECH Act ,
Personally Identifiable Information ,
PHI ,
Security Standards
The Department of Homeland Security (DHS) issued a warning on April 15, 2019 entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more
4/19/2019
/ Cookies ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Email ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams
Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom and get the decryption key to...more
1/21/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Cell Phones ,
Commercial General Liability Policies ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data-Sharing ,
Drones ,
Geological Data ,
Hackers ,
HIPAA Breach ,
Personally Identifiable Information ,
Ransomware ,
Right to Privacy ,
Risk Management ,
Rulemaking Process ,
WISP
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well, maybe not for the holiday reading list. We need to be careful not to bring up the results...more
12/27/2018
/ Article III ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Driverless Cars ,
Drones ,
Experian ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
OCR ,
Public Health ,
Risk Management ,
Smart Devices ,
Standing ,
Transportation Industry ,
Vaccinations ,
Value-Based Care ,
Vulnerability Assessments
According to reports by WhoWhatWhy and the Associated Press, five security experts have confirmed a private citizen’s allegation that the Georgia Online Voter Database contains a major security flaw and is vulnerable to...more
11/12/2018
/ Commercial Use ,
Credit Cards ,
Customer-Loyalty Programs ,
Data Breach ,
Databases ,
Drones ,
HIPAA Breach ,
Hospitality Industry ,
Hotels ,
Identity Theft ,
Kenya ,
Phishing Scams ,
USPS ,
Vulnerability Assessments
On November 2, 2018, the New Jersey Attorney General announced a settlement worth up to $200,000 with a former medical transcription company responsible for a breach affecting medical records of up to 1,654 patients of a New...more
The U.S. Patent and Trademark Office (USPTO) announced last week that it has discovered unauthorized users have attempted to hack into its online trademark system to attempt to make unauthorized changes to active trademark...more
10/29/2018
/ Airspace ,
Beyond Visual Line Of Sight (BVLOS) ,
Centers for Medicare & Medicaid Services (CMS) ,
Credit Security Freeze ,
Cyber Attacks ,
Data Breach ,
Drones ,
Employee Training ,
General Electric ,
Hackers ,
HIPAA Breach ,
Intellectual Property Protection ,
Legal Ethics ,
New Legislation ,
Risk Management ,
Small Business ,
Trademark Application ,
Trademark Registration ,
Unmanned Aircraft Systems ,
USPTO
Federal legislation recently took effect that prohibits consumer reporting agencies from charging a fee to place or remove (lift) a security freeze on a consumer credit report in response to a consumer request. ...more
10/25/2018
/ Consumer Credit Protection ,
Credit Reporting Agencies ,
Credit Reports ,
Credit Security Freeze ,
Data Breach ,
Economic Growth Regulatory Relief and Consumer Protection Act ,
Equifax ,
Experian ,
Fair Credit Reporting Act (FCRA) ,
Financial Services Industry ,
Identity Theft ,
TransUnion
The Office of Inspector General (OIG) recently announced the creation of a cybersecurity team focused on combating threats within the Department of Health & Human Services (HHS), and within the health care industry. ...more
The State of California is once again leading the way with trying to keep up with technology and protecting consumers. Senate Bill 327 requires Internet of Things (IoT) developers to implement “reasonable security features”...more
10/1/2018
/ Biometric Information ,
Biometric Information Privacy Act ,
Blockchain ,
COPPA ,
Cyber Attacks ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Drones ,
Fingerprints ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Hurricane Florence ,
Insurance Claims ,
Internet of Things ,
Online Safety for Children ,
Passwords ,
Popular ,
Property Damage ,
Settlement ,
State Farm ,
Uber
In late August, the Attorney General of the State of New York announced a $200,000 settlement with a New York-based non-profit organization that provides services to developmentally disabled individuals and their families...more
We have previously reported on the ongoing cybersecurity issues with St. Jude defibrillators [view related posts here, here, and here]. On June 29, 2018, the Food and Drug Administration (FDA) classified the required firmware...more
7/16/2018
/ Adidas ,
Computer Fraud and Abuse Act (CFAA) ,
Constitutional Challenges ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Drones ,
Emergency Management Plans ,
Emergency Response ,
EU-US Privacy Shield ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Hackers ,
Healthcare ,
Healthcare Facilities ,
HIPAA Breach ,
Medical Devices ,
Mobile Apps ,
Popular ,
Ransomware ,
Regulatory Requirements ,
Regulatory Violations ,
St Jude Medical Center ,
Wildfires
Just weeks after Mexico’s central bank was targeted by hackers who stole $15 million, Chile’s biggest bank, Banco de Chile, announced on May 28, 2018, that it had been struck by a “virus” that affected its workstations,...more
7/2/2018
/ Banks ,
Carpenter v US ,
Cell Phones ,
Credit Reporting Agencies ,
Criminal Convictions ,
Cryptocurrency ,
Currency Exchange ,
Data Breach ,
Drones ,
Electronic Records ,
Electronically Stored Information ,
Exigent Circumstances ,
Fourth Amendment ,
Geolocation ,
Hackers ,
Harassment ,
Identity Theft ,
Location Data ,
location-da ,
Malware ,
NYDFS ,
Probable Cause ,
Reasonable Expectation of Privacy ,
Registration Requirement ,
Remand ,
Reversal ,
Robocalling ,
SCOTUS ,
Third-Party ,
Warrantless Searches
Bezop Cryptocurrency Investors’ Personal Information Exposed -
Kromtech Security has reported that the sensitive personal information of more than 25,000 investors of Bezop cryptocurrency was exposed when a MongoDB...more
5/4/2018
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Digital Currency ,
Drones ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Hospitality Industry ,
PHI ,
Smart Devices ,
Unmanned Aircraft Systems ,
Virtual Currency
“Orangeworm” Targeting Health Care Industry -
In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the...more
4/27/2018
/ Blue Shield ,
Criminal Investigations ,
Cyber Attacks ,
Cyber Insurance ,
Data Breach ,
Digital Currency ,
Drones ,
Enforcement Actions ,
Extraterritoriality Rules ,
Hackers ,
Health Care Providers ,
Healthcare ,
Medical Devices ,
Personal Data ,
PHI ,
Risk Management ,
Scams ,
September 11th Victim Compensation Fund ,
SunTrust ,
Unmanned Aircraft Systems ,
US v Microsoft ,
Virtual Currency