phone : 281-443-2996

104 Lockhaven Dr. | Houston, TX 77073-5500

HIPAA & Cybersecurity Update

HIPAA & Cybersecurity Update

  • Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices, according report by ZDNet News
    • was published on a popular hacking forum
    • includes each device’s IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.
    • These types of lists — called “bot lists” — are a common component of an IoT botnet operation.
    • Hackers scan the internet to build bot lists, and then use them to connect to the devices and install malware.
  • Microsoft released a notice about a data breach within an internal customer support database used for support case analytics that may have inadvertently exposed personal info on over 200,000 customers
    • Misconfigured server made info available publicly on Internet
  • Adventist Health of Sonora, CA notified 2,653 patients that their PHI may have been exposed after email phishing attack.
  • Hospice of Anchorage in Alaska notified 300 patients that their PHI may have been exposed after a break-in.
  • Amedicanna, Bloom Medicinals and Colorado Grow all had to notify their cannabis customers that their personal info may have been exposed after their point-of-sale (cash registers) system software was hacked (sourced from THSuite Software)
  • The Center for Neurological and Neurodevelopment Health of Voorhees, NY notified an unknown number of patients that their PHI was exposed after email phishing attack.
  • Health Quest/Nuvance Health of Poughkeepsie, NY were sued by 28,910 patients in federal court over a breach of their PHI after email phishing attack.
  • National Ink & Stitch LLC of Owings, MD notified an unknown of customers that their info may have been exposed after a ransomware attack.
  • Medical Diagnostic Laboratories, headquartered in Reno, NV, is notifying an unknown number of patients from around the U.S. after a ransomware hacker released 9.5GB of data it stole after infecting network.
  • The Town of Colonie, NY notified an unknown number of citizens that their info may have been exposed after a ransomware attack, where hackers are demanding $400,000.
  • Participants in the Zero Day Initiative’s Pwn2Own Miami hacking competition earned a total of $280,000 for successfully hacking into industrial control systems provided by:
    • Rockwell Automation
    • Schneider Electric
    • Triangle MicroWorks
    • Unified Automation
    • ICONICS
    • Inductive Automation.
  • Mark Warner, D-Va. Claims that Fort Belvoir Community Hospital in Virginia, Ireland Army Health Clinic, Fort Knox, Kentucky, and Womack Army Medical Center at Fort Bragg, North Carolina — have left personally identifiable medical information of military patients online.
  • Temple Har Shalom Synagogue of Warren, NJ reported it was victim of ransomware attack.
  • Coveware Cybersecurity reports that the average amount of downtime suffered as a result of ransomware attack is now 16 days.
    • Average ransom paid between 10/1/19 and 12/31/19 was 484,116.
Share this post