While we have been talking about the very important message of educating employees about data security, I find that giving employees tips about their personal data security keeps them interested and engaged during education...more
6/28/2019
/ Bring Your Own Device (BYOD) ,
Cell Phones ,
Confidential Information ,
Data-Sharing ,
Information Technology ,
Location Privacy ,
Mobile Apps ,
Mobile Device Management ,
Mobile Devices ,
Mobile Privacy ,
Personal Data ,
Privacy Concerns ,
Proprietary Information ,
Risk Management ,
Vulnerability Assessments
Security researchers have warned municipalities repeatedly about how they are being targeted with ransomware, that they are at high risk, and the need to make data security a high priority....more
6/28/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Municipalities ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
Vicious malware continues to be deployed by China-based attackers. A new strain of malware, dubbed “HiddenWasp,” which has the ability to remotely infect computers, has been discovered by a security researcher at Intezar. The...more
6/7/2019
/ California Consumer Privacy Act (CCPA) ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Exploitation ,
Extortion ,
FBI ,
Genetic Materials ,
Genetic Testing ,
Hackers ,
Information Technology ,
Malware ,
OIG ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Quest Diagnostics ,
Vulnerable Victims
Another day in the healthc are industry, another big data breach.
This week, Quest Diagnostics announced in a security filing with the Securities and Exchange Commission, that a collection agency vendor that it uses for...more
Although many thought that WannaCry was in the rear view mirror, a recent report by Artemis, based on client experience, found that health care organizations and manufacturing companies are still being hit with the ransomware...more
Another city, another ransomware attack. Cities and municipalities continue to be targeted with ransomware campaigns. Fortunately, in this case, essential services such as fire, police, Emergency Medical Services and 311...more
The Department of Homeland Security (DHS) issued a warning on April 15, 2019 entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more
4/19/2019
/ Cookies ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Email ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams
The Ponemon Institute recently completed research, sponsored by IBM Resilient, entitled “The 2019 Cyber Resilient Organization,” which surveyed more than 3,600 security and IT professionals around the world to determine...more
I have been alerting clients that I know use Wipro, but may have missed some of you.It is being reported that IT outsourcing company Wipro Ltd. has been hacked through several phishing campaigns from what is believed to be a...more
The Department of Homeland Security (DHS) issued a warning on April 15, 2019, entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more
Following in the footsteps of the New York Department of Financial Regulation (NYDFS) in enacting cybersecurity requirements for the financial services industry, and in response to massive data breaches in the insurance...more
In an effort to phase out what many in the security world believe are threats to the cybersecurity posture of governmental agencies and private entities alike...more
Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom to get the decryption key to...more
1/18/2019
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
PayPal ,
Personally Identifiable Information ,
Ransomware ,
Risk Management
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well, maybe not for the holiday reading list. We need to be careful not to bring up the results...more
12/27/2018
/ Article III ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Driverless Cars ,
Drones ,
Experian ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
OCR ,
Public Health ,
Risk Management ,
Smart Devices ,
Standing ,
Transportation Industry ,
Vaccinations ,
Value-Based Care ,
Vulnerability Assessments
The bane of data security is the patch. The patch is what your IT guys are doing in the background to fix vulnerabilities in software that are known to the manufacturers, and to attempt to fix the vulnerability before hackers...more
The Office for Civil Rights has announced that it has fined Lakeland, Florida based Advanced Care Hospitalists (ACH) $500,000 for an impermissible disclosure of protected health information by one of its business associates. ...more
12/12/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI
Atrium Health and its vendor AccuDoc Solutions have released a joint announcement this week that AccuDoc’s database of 2.6 million billing records of Atrium Health’s patients has been compromised by a hacking incident....more
12/3/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Hackers ,
Healthcare ,
Identity Theft ,
Information Technology ,
Personally Identifiable Information ,
Social Security Numbers
According to a new report by Datto, Inc. (its third annual Global State of the Channel Ransomware Report), ransomware continues to be the top cyber-attack experienced by small and medium sized companies....more
Many companies are migrating their email systems to Microsoft Office 365 (O365). The majority of security incidents that we have been involved in over the past six months involve a hacker successfully phishing an employee of...more
Toyota Industries North America (TINA) has discovered that a hacker was able to access its corporate email system, compromising the personal and protected health information of approximately 19,000 individuals, apparently...more
10/5/2018
/ Cyber Attacks ,
Data Breach ,
Electronic Medical Records ,
Email ,
Hackers ,
Health Insurance ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
PHI ,
Toyota
We all remember Kronos—the malicious malware that was sold by Russian underground forums in 2014 for $7,000. If you bought it, you were promised updates and development of new modules.
...more
9/13/2018
/ Banking Sector ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Online Banking ,
Personally Identifiable Information ,
Popular ,
Risk Management
The Federal Bureau of Investigation (FBI) released a Public Service Announcement on August 2, 2018 entitled “Cyber Actors Use Internet of Things Devices as Proxies for Anonymity and Pursuit of Malicious Cyber Activities,”...more
Just days after the summit between the U.S. and North Korea, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security issued a warning about a malicious malware, a Trojan malware variant known as...more
6/26/2018
/ Administrative Law Judge (ALJ) ,
Chief Information Security Officer (CISO) ,
Connected Cars ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data-Sharing ,
Department of Homeland Security (DHS) ,
Drones ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
FBI ,
FCC ,
FERPA ,
Hackers ,
HIPAA Breach ,
Information Technology ,
Malware ,
OCR ,
Risk Management
I hang out with CISOs and CIOs. I support them because they have thankless jobs and have a mountain of responsibilities to protect an organization, most of the time without complete support from the organization. ...more
The Singapore summit was the focus of news stories this week. The media descended on Singapore to capture all of the news. When journalists started posting pictures of the contents of the gift bags that they were given at the...more