- HIPAA & Cybersecurity Updates - In an internal memo, the US Department of Justice outlined the creation of a new initiative to "pursue and disrupt" ransomware operations.
- include the takedown of command-and-control (C2) servers used to manage ransomware campaigns
- legal seizure of "ill-gotten gains" generated by such schemes.
- The American College of Emergency Physicians, headquartered in Irving, TX notified an unknown number of patients that their PHI may have been exposed after cybersecurity incident.
- Codecov, a software auditing company, is notifying 29,000 customers that their info was exposed after security breach.
- Cisco Talos researchers sent our warning that the Cosori Smart Air Fryer can be penetrated by hackers, who can invoke remote code execution.
- Malwarebytes is warning that the Lazarus hacking group is now hiding malware payloads inside of BMP (bitmap) image files.
- Tactic can be used to insert ransomware
- Broward School District in Florida notified 25,971 students that their info may have been exposed after cyber security incident.
- Chesterfield County Public Schools of Virginia notified an unknown number of students that their info was mistakenly released to a parent.
- Nationwide Children's Hospital of Columbus, Ohio reported that former employee, Yu Zhou, was sentenced 33 months in prison for conspiring to steal trade secrets and sell them to China
- Northern Light Health of Brewer, Maine was sued in regards to a PHI breach last May that affected more than 650,000 people.
- The University Counseling Center of Wake Forest University of North Carolina notified 860 patients that their PHI may have been exposed after email error.
- Apple was contacted by the operators of the REvil ransomware who are demanding that Apple pay a ransom demand to avoid having confidential information leaked on the dark web.
- claims it came into possession of top secret Apple product designs
- Rite Care of Rhode Island is reporting that Diomedes Ramirez, a Dominican national, has been indicted by a federal grand jury for stealing PHI:
- allegedly used the stolen PHI of a person who lived in Puerto Rico and who subsequently passed away in September 2018, to fraudulently gain a U.S. passport and federally-funded food and health care benefits
- Hoya Vision Care USA of Lewisville, TX notified an unknown number of patients that their PHI may have been exposed after a group of hackers executed a ransomware attack
- John Deere Corp. reported security vulnerabilities in its apps and website that could have allowed hackers to find and download the personal data of all owners of the company's farming vehicles and equipment
- Elekta Software was hacked causing the PHI to be exposed at:
- Southcoast Health of Bedford, MA
- Rhode Island Hospital
- Lifespan Cancer Institute
- Yale New Haven Health of Connecticut notified 200 patients that their PHI was exposed after breach.
- DNF Medical Centers of Orlando, FL notified 846 patients their PHI was exposed after being stolen by former employee.