Attivo Networks® announced today that it won the 2017 ASTORS Homeland Security Awards in three key categories. American Security Today presented these awards at the ISC East Conference in New York City to recognize organizations that are actively addressing today’s evolving Homeland Security challenges in innovative ways.
Recent cases of health data security incidents, some affecting PHI security, include device theft, and unauthorized employee access of patient data.
Brevard Physician Associates announced on its website that it was burglarized on September 4, 2017, raising possible health data security concerns for 7,976 patients.
The Melbourne, Florida-based facility stated that it was notified on September 4 that its security alarm had been tripped. An employee then discovered that three computers were missing from the office, one of which contained five audit files that held the patient records.
A ransomware attack on Grand Prairie, Texas-based Rainbow Children’s Clinic in early August reportedly affected 33,638 patients, according to Information Management.
On Aug. 3, a hacker launched a ransomware attack on the clinic’s computer system, encrypting data on the clinic’s servers. Rainbow Children’s Clinic attempted to quickly shut down its system, but an investigation conducted by a forensic expert proved a number of patient records had been deleted, reports Healthcare Finance News.
The potentially “irretrievably deleted” records may include patients’ names, addresses, dates of birth, Social Security numbers, medical information and payment guarantors.
Weebly, a San Francisco-based company that has allowed more than 40 million people create websites with since 2007; will start sending notification letters to all of their customers on Thursday, informing them of a data breach that occurred eight months ago.
The breach, affecting 43,430,316 customers, happened February 2016, but the root cause remains unknown. The compromised database is just now coming to the public’s attention after an anonymous source sent it to LeakedSource.
Healthcare data breaches are continuing at an alarming pace, with the second half of 2016 shaping up to have more breach incidents per month, so far, than in the first half of the year.
According to the Protenus Breach Barometer report, while the first six months of 2016 averaged 25.3 breaches per month, the second half thus far has had an average of 39.3 incidents per month, an over-55 percent increase. “While the number of months in this total is small, this trend over the last quarter provides some cause for alarm,” the report authors stated. There were 152 incidents involving protected health information (PHI) or medical health information in the first half of 2016, and so far, in the second half, there have been 118 incidents.
The U.S. Department of Health and Human Services, Office of Civil Rights (“OCR”), the agency tasked with enforcing the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), recently announced that it will redouble its efforts to investigate smaller breaches of Protected Health Information (“PHI”) that affect fewer than five-hundred (500) individuals.
The cost of poor healthcare security might have just gotten more expensive.
Earlier this month, Phoenix-based Banner Health announced the largest data breach of any hospital so far this year. Hackers gained access to the system’s servers, including those processing credit card information for cafeteria sales, and others containing data from health plan members and beneficiaries, affecting more than 3.7 million patients overall. While reports of breaches such as this one can be embarrassing to a hospital’s senior executives and certainly have an effect on its reputation, those are both “soft” costs. It’s the “hard” costs, the money that can affect the bottom line, that should have hospital administrators and their boards paying closer attention to their security postures…and perhaps their overall cybersecurity budgets.
What makes this story interesting is that Banner Health not only suffered a huge breach, but they are being sued for it.
Japan’s major travel agency JTB has admitted to a cyberattack which it fears has led to the theft of data belonging to 7.93 million users.
In today’s day and age where major data breaches are heard of almost weekly, the odd eight million doesn’t sound too critical. However, in JTB’s case, the travel agency believes that not only have customer names, addresses and email addresses been stolen, but also their passport numbers.
The only saving grace, as reported by local media Japan Times, is that only around 4,300 of these passport numbers is believed to be valid — a small subsection of the leaked data, but one that could cause serious issues to fliers should the data be sold on for the sake of creating fake passports, travel documents or identity theft.
The latest count from the Identity Theft Resource Center (ITRC) reports that there have been 227 data breaches recorded through April 5, 2016, and that more than 6.2 million records have been exposed since the beginning of the year. The total number of reported breaches has increased by 50 in the past two weeks.
The biggest share of the huge jump in exposed records is due to a breach at a division of Verizon Communications Inc. (NYSE: VZ) that provides services to large companies whose data has been stolen. Some 1.5 million records were involved and the data were stolen and resold. According to data security website KrebsonSecurity, the thieves price the entire package at $100,000 and selected chunks for $10,000.
Today, global security firm, G DATA, is releasing their H1 2015 Malware Report, which looks at malware over the first half of 2015. Among the findings, researchers discovered a 64.8 percent spike of new malware strains as compared to the first half of 2014. This averages out to 12 new strains per minute. In all, the total number of malware strains this year is expected to be well above the level of 2014, with the U.S., China and France hosting the most malicious and fraudulent websites.