Data Protection Weekly

Compiled by: Richard Sheinis, Esq.

Orangeworm Jeopardizes Healthcare Data Security at Large Firms
HealthITSecurity.com

Kwampirs to gain remote access to compromised computers, warned security firm Symantec in a new report released April 23. Orangeworm is targeting healthcare providers, pharmaceutical firms, IT solution providers for healthcare, and healthcare equipment manufacturers. However, the group is also …

Report: Medical Data Breach Could Impact Patients Across Country
Tucson News Now

MONTGOMERY, AL (WSFA) -. Sensitive patient medical records compiled by possibly thousands of doctors may have been compromised, according to data security researcher KrebsonSecurity. Krebs says it recently notified Kansas-based MEDantex, a medical transcription service, to a security issue …

Hospital Takes Aim at Patient Health Data Security with AI tools
TechTarget

It has taken Johnson and his patient health data security team a little more than a year to become that comfortable with Darktrace. Initially, Johnson said, Darktrace “was very mysterious to us because we had never used an AI tool before. It’s a very powerful tool; it’s also very complex. … It would be way …

SEC Issues $35 Million Fine Over Yahoo Failing to Disclose Data Breach
The Verge

Yahoo — or rather, the shell company holding on to its remnants — will have to pay a $35 million fine for failing to disclose a 2014 data breach in which hackers stole info on over 500 million accounts. The US Securities and Exchange Commission announced today that Altaba, which contains Yahoo’s …

Approximately 16K Could Be Affected by UnityPoint Health Cyber-Attack
SecurityInfoWatch

April 20–The personal and health information of approximately 16,000 patients were potentially compromised by a cybersecurity attack on UnityPoint Health, according to a public notice released this week. On Feb. 15, UnityPoint Health discovered a phishing attack had compromised the organization’s …

Dubai’s Careem Hit by Cyber Attack Affecting 14 Million Users
Reuters

DUBAI (Reuters) – Careem, Uber’s main ride-hailing app rival in the Middle East, was hit by a cyber attack that compromised the data of 14 million users, it said on Monday. FILE PHOTO: An employee shows the logo of ride-hailing company Careem on his mobile in his office in the West Bank city of …

Healthcare Data Breaches Now Covered by Arizona Law
HealthITSecurity.com

Under legislation introduced in January and signed into law by Arizona Governor Doug Ducey earlier this month, information about an individual’s medical or mental health treatment or diagnosis by a healthcare professional is now considered “personal information”. Any breach involving that information …

Cyberhacking of Medical Devices a Growing Threat
The Star Online

Imagine your cardiac pacemaker started delivering electrical pulses that are too strong. Or your insulin pump suddenly pumps too much insulin into you. For people who live with an electronic medical aid, the thought that it could be hacked and manipulated is horrifying. How vulnerable are these …

Data Breach Could Impact Some Patients of Medical Lab Chain with Alabama Locations
AL.com

A data breach may have resulted in the exposure of the personal and protected health information of patients of a medical lab chain with multiple Alabama locations. American Esoteric Laboratories announced Friday that it had become aware of a “data security incident” that could impact patients’ data …

‘Cyber Terrorist’ Teen Who Hacked CIA Director John Brennan Sentenced to 2 Years in Prison
Gizmodo

A British teenager who gained notoriety for hacking a number of high profile United States government employees including former CIA director John Brennan and former director of intelligence James Clapper was sentenced Friday to two years in prison. Eighteen-year-old Kane Gamble pleaded guilty …

WEI Mortgage Becomes Latest Victim of Data Breach
IT Security Central

After receiving the reports about the unusual activity, WEI began investigating to verify the security of its network and to determine the nature and scope of the potential breach. The lender said that it engaged third-party forensic investigators, which determined that the company was the target of an email …

US bank Offers Free Identity Protection… While Admitting Potential Data Breach of 1.5mn Clients
RT

Data such as social security numbers, account numbers, PINs, User IDs, passwords, or driver’s license information has not been compromised by the potential breach, according to the bank. The bank told the Wall Street Journal that the information allegedly stolen may have been provided to a “criminal …