Archive for October, 2016

Ransomware attack at NJSC

October 28th, 2016

New Jersey Spine Centre announced data breach when its server suffered ransomware attack. Facility mentioned that all of the practice’s electronic medical record files were encrypted. 
eat

Affected information included Clinical information which includes procedures, office notes, reports, demographic information, personal information, and some financial information. Facility notified the FBI and local authorities regarding the incident.

“The malware was blocked by our virus protection software but unfortunately not before the damage had already been completed to our records,” New Jersey Spine Center explained. “The virus likely gained access by utilizing a list of stolen passwords by running an automated program, and demanded a ransom payment to obtain an encryption key to unlock the files.”

Facility did not mentioned whether ransom was paid but it did say that the practice obtained the key. As per the OCR data breach reporting tool states, total 28,000 individuals were affected by the incident.

Facility also mentioned that there is no information to suggest that any medical, personal of financial information was used or stolen by the individuals. Notifications are sent to the concerned individuals.

New Jersey Spine Center is the leading choice for spine care in eastern Pennsylvania and southern New York. It brings the cutting-edge and comprehensive spine care to the region. It also provide a comprehensive evaluation process permitting a thorough and complete evaluation of patients problem for appropriate decision making. A multi-disciplinary approach is provided which enables facility to provide the options available for care.

Two types ransomware in circulation 

First type is called Encrypting ransomware. It uses advanced encryption algorithms to block system files. Hackers demand payment to provide the victim with the key to unblock content.

Second type is called Locker ransomware. It locks the victim out of the operating system and the system. Attackers ask for money to unlock the system.

____________________________________________________________________________________________

Alertsec was established was that encryption should be simple, transparent and available for all.

Phishing Scam at Baystate Health

October 26th, 2016

Baystate Health which is based in Massachusetts recently suffered data breach when several of its employees had fallen victim to a phishing scam. The incident potentially impacted the information of approximately 13,000 patients. scam

Baystate Health is a not-for-profit integrated health care system. It is serving over 800,000 people in western New England. More than 140 years, Baystate Health has been providing skilled and compassionate health care in the region. More than 12,000 team members works for Baystate Health. It is one of western Massachusetts’ strongest economic engines.

On August 22, 2016, facility learned that five of its employees replied to a phishing email. As per the reports, the email was designed by hackers to look like an internal Baystate memo. Certain patient information was accessed by the hackers.

Social Security numbers and other financial information were not included in the emails. Affected information includes patient names, dates of birth, diagnoses, treatments received, medical record numbers and, in some instances, health insurance identification numbers.

Baystate believes that there is no indication that patient information was misused. Facility took steps to secure the email accounts and began an investigation. The incident is also reported to law enforcement.

“Baystate is committed to protecting private information and is taking this matter very seriously,” the statement read. “To help prevent a similar event from happening again, we are increasing our employee training about phishing emails.”

Baystate did not mention number of affected individuals. But as per the OCR data breach reporting tool, accurately 13,112 individuals were affected.

As per the Baystate, “We mailed letters to people who may have been affected. If you believe you may be affected and have not received a letter by November 5, 2016, or if you have any questions about this incident, please call.”

____________________________________________________________________________________________

Alertsec is the easiest way to ensure that any data stored on a laptop is encrypted at all times and kept secure even if the device is lost or stolen.

Ransomware attack affects 33K

October 23rd, 2016

Rainbow Children’s Clinic recently suffered a ransomware attack. According to the reports, the attack left the data encrypted which was stored on the facility’s system. Rainbow mentioned that it shut down the computer system immediately to prevent the information from being lost.

But a forensic investigation team found that the patient records has been irretrievably deleted. Affected information includes patient names, addresses, dates of birth, Social Security numbers, and medical information.

Ransomware is computer malware that installs on a victim’s computer. Hackers use the technique mostly for the purpose of extorting money. It encrypts data with certain passcode. A ransom payment is asked to decrypt it or not to publish it publicly. Simple ransomware may lock the system but the data can be recovered by a knowledgeable person. More advanced malware encryption makes data inaccessible.

Other information which got impacted in Rainbow Clinic incident involves personal information related to patients’ payment guarantors, including guarantors’ names, addresses, Social Security numbers, and medical payment information. Facility mentioned that the affected individuals will be offered complimentary identity monitoring and identity theft resolution services.

“Rainbow Children’s Clinic takes the security of its patients’ information very seriously and has taken steps to prevent a similar event from occurring in the future, including strengthening its security measures and ensuring that its networks and systems are now secure,” Rainbow said.

As per the OCR data breach reporting tool, total 33,698 records got affected. As per the statement:

Notification letters mailed today include information about the incident and steps potentially impacted individuals can take to monitor and protect their personal information. Rainbow Children’s Clinic has established a toll-free call center to answer patient questions about the incident and related concerns. Additional information and recommendations for protecting personal information can be found on the Rainbow Children’s Clinic website.

The privacy and protection of patient information is a top priority, and Rainbow Children’s Clinic deeply regrets any inconvenience or concern this incident may cause.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Data breach at CalOptima

October 20th, 2016

CalOptima based in the California recently suffered data breach. It has reported the second breach in a month. According to the reports, PHI data breach has affected 56,000 individuals.

Incident involves former CalOptima employee who downloaded data to an unencrypted USB flash drive. Affected information includes patient names, other demographic information, and other health plan-related information. Also, Social Security numbers, and the Social Security numbers of children were included for few cases.

Different notification letters were posted to the California Attorney General’s Office based on whether Social Security numbers were included or not.

“While we are still investigating this matter, CalOptima felt it was important to notify you promptly of this incident,” explained one of the notification letters. “We regret that this occurred and want to assure you that we are changing our procedures and practices to minimize the risk of it happening again.”

CalOptima spokeswoman Bridget Kelly mentioned that the investigation is going on. She also added that there is no reason to believe that the information was misused.

“We have implemented several additional safeguards to better protect members against this type of incident in the future,” Kelly said.

As per the statement, facility has asked the affected individuals to follow guidelines.

 We recommend that you monitor your credit using the free service from IDT911. CalOptima is providing you with access to Triple Bureau Credit Monitoring services at no charge. These services provide you with alerts for twelve months from the date of enrollment when changes occur to any of one of your Experian, Equifax or TransUnion credit files. This notification is sent to you the same day that the change or update takes place with the bureau. These services will be provided by IDT911, a company that specializes in identity theft education and resolution.

____________________________________________________________________________________________

 Alertsec is used by organizations that have recognized the need to protect their information.

Claims document found in employee storage unit

October 18th, 2016

The Virginia Department of Veterans Services (DVS) recently suffered data breach when veterans claims documents were included in the documents found in a former DVS employee’s storage unit.

According to the facility, exact amount of claims found from the employee’s storage unit was not known. Investigation is going on as technical experts are reviewing all the materials. For now, all the documents appeared to be dated between 2011 and mid-2015. Also, they are  exclusively from the DVS benefits office at McGuire VAMC.

The experts are also working to determine the number of impacted veterans, their identities and the status of their claims. Facility mentioned that the process will take time of one week.

Thomas Herthel, the agency’s director of benefits, told the Richmond Times-Dispatch that 20 to 30 boxes of documents were recovered and included “everything from claims to medical records to miscellaneous correspondence.”

Facility also mentioned that the former employee worked at the agency from January 2012 to August 25, 2015.

“Those claims were reviewed, and DVS contacted affected veterans to advise them and provide assistance,” DVS mentioned. “DVS terminated the employee at that time and has since assigned a new office manager for that location.”

Secretary of Veterans and Defense Affairs John Harvey mentioned that he was deeply concerned about the veterans whose information was mishandled. He also added that his team is working to ensure those veterans receive the necessary benefits.

“At the beginning of this administration, we identified a vulnerability in the Commonwealth’s claims process, and we began implementing a solution to this serious deficiency,” Harvey continued. “Regrettably, our fears were justified, and the danger we were working so hard to address was already a reality. We stand ready to assist any and all veterans impacted, and we are determined to prevent any similar mishandling of information from happening in the future.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Vendor error leads to data breach

October 16th, 2016

Arkansas-based Baxter Regional Home Health Facility (Baxter Home Health) recently suffered data breach affecting patients and employees. The incident may have resulted in exposing some of their information. According to the Baxter Home Health, break-in took place at its Cotter facility overnight. Hard copy files which contained certain patients and employees information was present in the facility.

“We have no information to suggest that any records were viewed or removed from the facility, and none of our electronic records or computer systems were impacted,” Baxter Home Health said in its statement. “We are nonetheless providing notice to potentially-affected patients and employees out of an abundance of caution.”

Affected information includes names, addresses, phone numbers, dates of birth, Social Security numbers, government identification numbers, insurance identifiers and diagnostic information. Employee information may have included names, addresses, phone numbers, dates of birth, licensure information, and information about previous employers.

Facility contacted Law enforcement. It also mentioned that it has conducted an internal investigation and assessment of its own security practices. It is also offering 12 months of complimentary identity protection services. The services taken from identity monitoring services company helps to detect possible misuse of personal information and provide identity protection support focused on immediate identification and resolution of identity theft.

“We are currently working to increase security measures at the facility, and to that end, have changed locks and will be installing cameras and alarm systems to better secure this facility,” the facility said.

Baxter Home Health did not mention number of affected individuals. As per the OCR data breach reporting tool, total 2,124 individuals’ information was impacted by the incident.

As per the statement mentioned on the website, affected individuals are asked to do following:

We want to make potentially affected individuals aware of steps they can take to guard against fraud or identify theft. We recommend that individuals carefully check their credit reports for accounts they did not open or for inquiries from creditors they did not initiate, and to call the credit agency immediately if they see something they do not understand. Any suspicious activity on a credit report should be reported to the local police or sheriff’s office. Individuals should file a police report for identity theft and get a copy of it, since it may be necessary to give copies of the police report to creditors to clear up fraudulent records.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Cloud Security Survey

October 14th, 2016

A latest survey of 643 IT security professionals in the U.S. And Canada found that around forty eight percent of respondents do not scrutinize the cloud for malware. Another 12 percent are uncertain if they do or not.

The survey conducted by the Ponemon Institute and sponsored by Netskope, also found that while 49 percent of company applications are actually saved in the cloud, only 45 percent of these applications are known, approved or authorized by IT. Over 50% of respondents said that the  chance of a data breach is looming over the industry. Nearly 20 percent are not able to ascertain whether they have experienced a violation or not.

“These data confirm that while cloud adoption is very much on the rise, organizations still lack confidence in the cloud’s ability to protect sensitive information,” Netskope founder and CEO Sanjay Beri said in a statement.

“With the rise of cloud threats like accidental data exposure, malware and ransomware aimed at exfiltrating data and extracting financial gain from sensitive data, IT teams need more robust intelligence, protection, and remediation to protect their data from breach or loss,” Beri added.

Many said the violation happened when information was shown to a user from the cloud-based service, either unintentionally or deliberately. Respondents concerns about cloud protection threats are loss or theft of intellectual property, loss of control over the security of information and end user activities, and compliance breaches.

A different Blancco Technology Group study in the U.S., Canada, Mexico, U.K., Germany, France, India, Japan and China found that 26 percent of participants are not confident or fairly comfortable with the security cloud services offers.

“Whenever storing data offsite with a cloud provider, organizations must be diligent in knowing where their data is being stored, how it’s being protected and when it needs to be removed (in the case of migrating data to a new vendor or consolidating data centers, for example),” Blancco Technology Group chief strategy officer Richard Stiennon said in a statement.

 ___________________________________________________________________________________

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Anomaly Detection

October 11th, 2016

With the price of a data breaches going up to 29 percent as compared to 2013, business leaders are under increasing pressure to execute security options in finding hazards developed in cyber security landscape. Data violations mostly go undetected for weeks, months and possibly even years. Organizations need to know kind of current security threat looming over them. Established network management tools and systems in many cases are seen as the conventional approach to organizational security.

Anomaly detection is about empowering proactive incident result management by giving the capability to track down possible hazards before a straightforward violation or uncommon behaviour escalates into a disastrous event. Organizations should consider a number of variables when assessing incident response options.

Manual Tracking Procedures

Incident response teams regularly do manual approach to the security tracking. This procedure is incredibly time intensive. It’s also predisposed towards human error, due to judgment and emotions, leading to results that are wrong and ineffective. Also, an advanced assault will not be probably indicated by one metric.

Impact of Shadow IT

IT and incident response teams now have to worry about workers working from multiple devices, connecting to multiple networks and using countless applications that live through corporate data centers and clouds providers. Security teams need to adopt new strategy for prevention and risk detection.

Do not Follow the Rules

In an effort to automate some of the manual work required with anomaly detection, businesses frequently rely heavily on thresholds and rules. Nevertheless, this strategy comes along with its own distinctive set of challenges. For instance, thresholds and rules are not effective and of little use on regular data. Also, this strategy may create lots of unneeded noise that diverts the focus of incident response teams and security advice.

____________________________________________________________________________________________

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.

Sensitive information on internet affects 300k

October 9th, 2016

Central Ohio Urology Group (COUG) recently suffered data breach. The incident may have exposed the information of patients, employees, and individuals who got the services from the facility.

As per the statement, “We want to make affected individuals aware of steps they can take to guard against fraud or identify theft. Individuals can carefully check their credit reports for accounts they did not open or for inquiries from creditors they did not initiate, and should call the credit agency immediately if they see something they do not understand. Any suspicious activity on a credit report should be reported to the local police or sheriff’s office. When contacting law enforcement, individuals should file a police report for identity theft and get a copy of it, since it may be necessary to give copies of the police report to creditors to clear up fraudulent records.”

Affected information included names, addresses, telephone number(s), emails, dates of birth, Social Security numbers, driver’s license/state identification numbers, patient identification numbers, medical and health plan information, account information, diagnoses or treatment information, health insurance information and identifiers, and employment-related information.

According to the reports, an unauthorized individual made the files and documents live on the internet. Online drive was accessible on August 2, 2016. As per the OCR data breach reporting tool, data of 300,000 individuals was breached.

COUG removed the information from the drive within hours and local law enforcement were contacted. Facility also hired a forensics firm to investigate the incident.

“We carefully reviewed the posted files and documents to determine what types of information had been put online and which individuals may have been affected,” the statement reads. “Additionally, we installed network monitoring software, implemented a new firewall, added access restrictions and began updating system protections to help prevent this type of incident from recurring in the future.”

One year of complimentary identity protection services to individuals is provided to the potentially affected individuals.

____________________________________________________________________________________________

Alertsec is used by organizations that have recognized the need to protect their information.

Ransomware and data breach

October 7th, 2016

Urgent Care Clinic of Oxford in Mississippi recently suffered data breach due to ransomware attack.  According to the reports, the server was attacked in early July. The facility came to know about the incident on August 2, 2016.

As per the statement, “ We understand this may pose an inconvenience to you, and we sincerely regret that this situation has occurred.”

Facility regained control of the server and shut down its remote access. It is taking precaution to prevent the same type of incident. Affected information included patients’ names, Social Security numbers, dates of birth, and other personal information. Any health information on file was also accessed.

“The investigation revealed it is very likely that the attack was carried out by criminal Russian hackers,” Urgent Care said in a letter signed by Dr. Willis Dabbs and Dr. David Coon. “Unfortunately, we cannot say which patients specifically may have been affected by this data breach.”

Facility did not specify number of affected patients by the incident. It has urged individuals to regularly check all credit and bank accounts and report any suspicious activity. Facility is also offering one year of complimentary identity protection services.

“We understand this may pose an inconvenience to you, and we sincerely regret that this situation has occurred,” Dabbs and Coon wrote. “Urgent Care is committed to providing quality care and service to all its patients, and that includes keeping your personal information as safe and secure as possible.”

Direction to place fraud alert:

A fraud alert is a consumer statement added to your credit report. This statement alerts creditors of possible fraudulent activity within your report as well as requests that they contact you prior to establishing any accounts in your name. Once the fraud alert is added to your credit report, all creditors should contact you prior to establishing any account in your name.

____________________________________________________________________________________________

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.